I tried encrypting my password field as shown in this post. https://stackoverflow.com/questions/883371/effective-password-encryption
What I am trying to is generate random salt for every password and then encrypt it using Hashing algorithm. I tried the code shown in the post. But I am getting error.
public string Encrypt(string clearText)
{
try
{
byte[] passwordHash = ComputeHash(clearText);
byte[] salt = GetRandomSalt();
byte[] saltHash = ComputeHash(salt.ToString());
byte[] hashWithSaltBytes = new byte[hashBytes.Length + saltBytes.Length];
for (int i = 0; i < hashBytes.Length; i++)
hashWithSaltBytes[i] = hashBytes[i];
for (int i = 0; i < saltBytes.Length; i++)
hashWithSaltBytes[hashBytes.Length + i] = saltBytes[i];
string hashValue = Convert.ToBase64String(hashWithSaltBytes);
return hashValue;
}
catch (Exception)
{
throw;
}
}
//random salt generation
public static byte[] GetRandomSalt()
{
int minSaltSize = 16;
int maxSaltSize = 32;
Random random = new Random();
int saltSize = random.Next(minSaltSize, maxSaltSize);
saltBytes = new byte[saltSize];
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
rng.GetNonZeroBytes(saltBytes);
return saltBytes;
}
// hashing
public static byte[] ComputeHash(string plainText)
{
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
HashAlgorithm hash = new SHA256Managed();
return hash.ComputeHash(plainTextWithSaltBytes);
}For the method Encrypt I am getting error The name 'hashBytes' does not exist in the current context and in the methodComputeHash I am getting the error The name 'plainTextWithSaltBytes' does not exist in the current context. How can I solve this?