c#程序中对密码进行加密的方法

在ADO.NET中，向数据库添加数据时，怎样对数据中的密码进行加密？(也就是说在数据表中也看不到用户的密

  码，只是一些经过编译后的字符串，以防止数据库管理员利用用户的密码进行非法操作。)    首先，在c#WinForm程序中引入命名空间,"using System.Web.Security;",此命名空间是专门用来对程序进 

  行安全设置的；    其次，定义一个string类型的变量，用来接收用输入的密码；  string passWord = this.textBox1.Text.Trim();    取到密码之后，接下来便是对密码进行加密处理：  string pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "md5");    最后，将加密后的密码pwd添加到数据库中去。  insert into userInfo(uName,pwd) values('{0}','{1}');select @@identity", this.txtUID.Text.Trim   

(),passwrod);  示例代码：  using System.Web.Security;

    //取得文本框中的密码    string pwd = this.txtPwd1.Text.Trim();    //对密码加密    string passwrod = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "md5");    //创建SQL语句，将加密后的密码保存到数据库中    string insCmd =          string.Format("insert into userInfo(uName,pwd) values('{0}','{1}');select @@identity",  

          this.txtUID.Text.Trim(),passwrod);    using (SqlCommand cmd = new SqlCommand(insCmd, Form1.Connection))    {        int uid = Convert.ToInt32(cmd.ExecuteScalar());        //int uid = int.Parse(cmd.ExecuteScalar());//error        if (uid > 0)        {            string mess = string.Format("恭喜，注册成功！您的号码是{0}",uid);            MessageBox.Show(mess);        }        else        {            MessageBox.Show("对不起，注册失败了！");        }    }

  这样加密之后保证了用户密码的安全，但是又出现了一个问题，即用户登录时怎样对密码进行验证，该不会让

 用户去记住加密后的那一长串字符串吧？ 答案当然是否定的，那怎样解决呢？  应该这样解决：  在用户登录时，得到用户输入的密码；  然后，将取到的密码再次进行加密；  之后，根据用户名取出该用户在数据库中的真实密码；  最后，将刚刚进行加密的密码与数据库密码进行比对，即可完成用户登录操作。  示例代码：  string pwd = this.txtPwd1.Text.Trim();                string pwd1 = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "md5");                string uid = this.txtUID.Text.Trim();                string selCmd = string.Format("select pwd from userINfo where uName='{0}'", uid);                string password = "";                using (SqlCommand cmd = new SqlCommand(selCmd, Form1.Connection))                {                    password= cmd.ExecuteScalar().ToString();                                }                if (password == pwd1)                {                    MessageBox.Show("登录成功");                }                else                {                    MessageBox.Show("密码错误！");                }完整实例(复制即可用)：

1.数据库代码：

use tempdbgoif exists (select * from sysobjects where name = 'UserInfo')drop table UserInfogocreate table UserInfo( uId int identity(1,1) not null, uName nvarchar(20) not null, uAge int not null, password nvarchar(200) not null)goalter table UserInfoadd constraint PK_uID primary key (uId)alter table UserInfoadd constraint CK_uAge check (uAge between 0 and 100)goselect * from UserInfo

2.c#代码

using System;using System.Collections.Generic;using System.ComponentModel;using System.Data;using System.Data.SqlClient;using System.Drawing;using System.Text;using System.Windows.Forms;using System.Web.Security;  //安全加密

namespace 密码加密示例{    public partial class Form1 : Form    {        //创建数据库连接字符串        static readonly string strConn = "Data Source=.;Initial Catalog=tempdb;Integrated Security=True";        //创建数据库连接对象        static SqlConnection connection = null;        //属性        public static SqlConnection Connection        {            get             {                if (connection == null || connection.State != ConnectionState.Open)                {                    connection = new SqlConnection(strConn);  //连接数据库                    connection.Open();  //打开数据库                }                return Form1.connection;  //返回一个连接            }                    }

        public Form1()        {            InitializeComponent();        }

        ///         /// 检查用户输入        ///         ///         private bool CheckInput()        {            if (string.IsNullOrEmpty(this.txtName.Text))            {                this.errorPro.SetError(this.txtName, "用户名不能为空！");                this.txtName.Focus();                return false;            }            else            {                this.errorPro.Dispose();  //终止提示错误            }            if (string.IsNullOrEmpty(this.txtAge.Text))            {                this.errorPro.SetError(this.txtAge, "姓名不能为空！");                this.txtAge.Focus();                return false;            }            else            {                this.errorPro.Dispose();            }            if (string.IsNullOrEmpty(this.txtPass.Text))            {                this.errorPro.SetError(this.txtPass, "密码不能为空！");            }            else            {                this.errorPro.Dispose();            }            return true;        }

        ///         /// 添加数据        ///         ///         ///         private void btnAdd_Click(object sender, EventArgs e)        {            if (this.CheckInput())            {                //获取用户输入的密码                string password = this.txtPass.Text.Trim();                //对密码进行加密                string pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "md5");                //创建SQL语句,将加密后的密码保存到数据库                string insCmd = string.Format("insert into UserInfo values ('{0}','{1}','{2}')",                    this.txtName.Text.Trim(), this.txtAge.Text.Trim(),pwd);                 using (SqlCommand cmd = new SqlCommand(insCmd,Form1.Connection))                {                    if (cmd.ExecuteNonQuery() > 0)                    {                        MessageBox.Show("恭喜您，注册成功！");                    }                    else                    {                        MessageBox.Show("对不起，注册失败···");                    }                }            }        }    }}

完！