In Focus

Generate the Client Side Hash Password Via MD5 Algorithm and Saving it to Database

This article shows how to convert a plain password to a hashed password using the MD5 algorithm on the client side and save it to the database.

Introduction

This article shows how to convert a plain password to a hashed password using the MD5 algorithm on the client side and save it to the database.

For the demonstration, I will do:

  1. Create a table in the database to store the login credentials of the user.
  2. Create a website and add a MD5 conversion file of JavaScript.
  3. Add a page in the website with 2 textboxes for User ID and Password and save button.
  4. Add a reference of the MD5 conversion file on the page and create a JavaScript function to convert the plain password to the hashed password.
  5. Add the code on the page load for adding JavaScript function via an attribute add of the save button and on the button click event save the data.

Step 1

Create a table named "LoginTable" in the database to store the login credentials of the user.

  1. create table LoginTable  
  2. (  
  3.     UserID varchar(10) primary key,  
  4.     pwd varchar(50)   

SQL Query

Step 2

Create a website and add a MD5 conversion file of JavaScript.

  1. Create an empty website named "LoginCredentials".

    Creating ASP.Net WebSite
     
  2. Add a new folder in the root and name it "Scripts". Add the "md5.js" into the "Scripts" folder.

    Note: You can find the "md5.js" in the attached file.

    Adding js File

Step 3

Add a page in the website with 2 textboxes for User ID and Password and save button.

  1. Add a page named "SaveData.aspx".

    Adding WebForm
     
  2. Add some controls on the page like:
     
    • Text box for user id named "txtUserID".
    • Text box for password named "txtpwd" with TextMode="Password".
    • Button for save the data named "btn_save" with "onclick" event.

Design View of WebForm

Step 4

Add a reference of the MD5 conversion file on the page and create a JavaScript function to convert the plain password to the hashed password.

  1. Add the reference of the MD5 conversion file on the page.
    1. <script src="Scripts/md5.js"></script> 
  2. Create a JavaScript function to convert the plain password to the hashed password in the "head" section of the page. 
    1. <script type="text/javascript">  
    2.         function GeneratePwd() {  
    3.             if (document.getElementById("txtpwd").value != "") {  
    4.                 document.getElementById("txtpwd").value = hex_md5(document.getElementById("txtpwd").value);  
    5.             }  
    6.         }  
    7. </script> 

Note: The "hex_md5" function exists in the "md5.js" file.


Step 5

Add the code on the page load for adding JavaScript function via an attribute add of the save button and on the button click event to save the data.

  1. Add the JavaScript function via an attribute add of the save button.
    1. protected void Page_Load(object sender, EventArgs e)  
    2. {  
    3.     if (!IsPostBack)  
    4.     {  
    5.                  
    6.         //Add the JS function call to button with a parameter  
    7.         btn_Save.Attributes.Add("onclick""return GeneratePwd();");  
    8.     }  
  2. Save the data into the database on the save button click event.
    1. protected void btn_Save_Click(object sender, EventArgs e)  
    2. {  
    3.     if (txtUserID.Text != "" && txtpwd.Text != "")  
    4.     {  
    5.         //Insert the Data in the Table  
    6.         using (SqlConnection connection = new SqlConnection())  
    7.         {  
    8.             connection.ConnectionString = ConfigurationManager.ConnectionStrings["constr"].ToString();  
    9.             connection.Open();  
    10.             SqlCommand cmd = new SqlCommand();  
    11.             cmd.Connection = connection;  
    12.             string commandText = "Insert into LoginTable values ('" + txtUserID.Text + "','" + txtpwd.Text + "')";  
    13.             cmd.CommandText = commandText;  
    14.             cmd.CommandType = CommandType.Text;                  
    15.             cmd.ExecuteNonQuery();  
    16.             cmd.Dispose();  
    17.             connection.Close();  
    18.             Response.Write("Data has been Added");  
    19.         }  
    20.     }  

At Run Time: After running the page, type the user id and password.

Calling WebForm in Browser

Note: Here User ID is "Admin" and password is "abcd1234".

Result: Now the output in the database is as you can see.

SQL View