Create the Table to securely store the Login and Password

First of all, we need a table to store the data related to the login in a safe way.

The table we will create will look like this:

UserTable

This table has these fields:

  • ID: Autoincrement Integer internal database field as Primary Key
  • Identifier: Guid to use as Unique identifier in your application
  • Login: This is the unique login (typically e-mail address)
  • PasswordHash: This is the Hashed string of the actual password
  • Salt: This is the unique Salt field
  • Registered: This stores whether the user is already registered or registration is still pending
  • Active: This is a field that indicates if the account is already/still active

Why do I use Hash and Salt fields?

Hash

When we hash a string, we receive a string that is impossible to transform back to its original form. But the most important fact is that the same input always produces the same result when we use the same hash algorithm.

Salt

When two or more users choose the same password, it would also be stored as the same hash. This might be something we want to avoid, so we need to add a random value, which is unique to the user but only internal to the database.
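
The sketch below is an added example, not code from the original post. It shows how the Salt and PasswordHash fields work together: two users with the same password get different stored hashes, and a login is checked by re-hashing with the stored salt. The algorithm (PBKDF2-HMAC-SHA256), salt length, iteration count and function names are assumptions, since the post does not name them.

```python
import hashlib
import hmac
import secrets

# Assumptions (not from the original post): PBKDF2-HMAC-SHA256, a 16-byte
# random salt and this iteration count. The post does not name an algorithm.
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, salt: bytes) -> str:
    """Derive the value for the PasswordHash column from password and Salt."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return digest.hex()


def create_user_row(login: str, password: str) -> dict:
    """Build the Login / PasswordHash / Salt fields for a new UserTable row."""
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt for every user
    return {
        "Login": login,
        "PasswordHash": hash_password(password, salt),
        "Salt": salt.hex(),
    }


def verify_login(row: dict, candidate: str) -> bool:
    """Re-hash the candidate with the stored Salt and compare in constant time."""
    actual = hash_password(candidate, bytes.fromhex(row["Salt"]))
    return hmac.compare_digest(row["PasswordHash"], actual)


def demo() -> dict:
    # Constructed sample data: two users who picked the same password.
    alice = create_user_row("alice@example.com", "correct horse battery")
    bob = create_user_row("bob@example.com", "correct horse battery")
    return {
        "same_hash": alice["PasswordHash"] == bob["PasswordHash"],
        "alice_ok": verify_login(alice, "correct horse battery"),
        "alice_wrong": verify_login(alice, "wrong guess"),
    }


if __name__ == "__main__":
    print(demo())
```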


Follow this link to get the SQL Server script: Script to create the table
