Share this page!

Muhammad Waseem Profile picture
Twitter logo
Mar 11 โ€ข 7 tweets โ€ข 2 min read
๐Ÿ’ก How to store Password in Database

Three common practices that are used for passwords, but first two has some serious issues.

โœ”๏ธ Plain text password
โœ”๏ธ Hashed password
โœ”๏ธ Hashed password with Salt
โœ”๏ธWhat is Salt
โœ”๏ธHow to validated hash password

#dotnet

#csharp #dotnet
1๏ธโƒฃ Plain Text Password
Saving password in plain text is the worst approach because it is open to everyone who has database access and an easy target for attackers. Its not recommended at all.
2๏ธโƒฃ Hashed Password
Hashing the plain text password first and then saving it, it seems safe but it isnโ€™t safe again, you can fall for attack in this case as well rainbow attack.
3๏ธโƒฃ Hashed Password with Salt
Last option is hash of salt and plain password. This would be a suitable password.
โœ”๏ธ What is Salt
Salt is a unique and random string that we append with each password to make it safe. In C# we can simply use ๐†๐”๐ˆ๐ƒ to get a unique string
โœ”๏ธHow hash password with salt is validated?

While saving password in database we store SALT as well

For login request we retrieve the SALT for the user and then combine it with the incoming password then hash it.

Compared it with hashed password saved in database and verify.
๐Ÿ“ง If you like it , you might be interested in my weekly .NET Newsletter , Join family of 550+ Software Engineers here lnkd.in/dNHxJGRG

โ€ข โ€ข โ€ข

Missing some Tweet in this thread? You can try to force a refresh
ใ€€

Keep Current with Muhammad Waseem

Muhammad Waseem Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @mwaseemzakir

Muhammad Waseem Profile picture
Mar 13
๐Ÿ’ก Life of Query in EF

๐’๐ญ๐ž๐ฉ ๐Ÿ : The LINQ Query is processed by EF Core and build an representation that is processed by database provider, and the result is cached later on so we don't need to process it every time #dotnet

See thread ๐Ÿงตโฌ Image
๐’๐ญ๐ž๐ฉ ๐Ÿ : The result is passed to the db provider and db provider identifies which parts of query can be evaluated in db, these parts are then translated into query language (e.g. SQL) after that translated query is sent to db and db returns results (but not entity instances)
๐’๐ญ๐ž๐ฉ ๐Ÿ‘ : For each item we check if it is tracking query EF checks the data in existing change tracker if found relevant entity is returned else new is created, its change tracking get set up and it is returned

For non tracking a new entity is always created and returned.
Read 5 tweets
Muhammad Waseem Profile picture
Mar 12
๐Ÿ’ก 7 Tips to write better LINQ Queries

๐”๐ฌ๐ž ๐จ๐Ÿ ๐€๐ฌ๐๐จ๐“๐ซ๐š๐œ๐ค๐ข๐ง๐  : For read only queries e.g. (GetAll,GetById etc.) use AsNoTracking , when we use it entities are not tracked for change so it brings data more speedily. #dotnet

See thread ๐Ÿงต๐Ÿ”ฝ Image
๐ˆ๐ง๐œ๐ฅ๐ฎ๐๐ž ๐ง๐ž๐œ๐ž๐ฌ๐ฌ๐š๐ซ๐ฒ ๐„๐ง๐ญ๐ข๐ญ๐ข๐ž๐ฌ ๐š๐ง๐ ๐‚๐จ๐ฅ๐ฎ๐ฆ๐ง๐ฌ : While retrieving data from multiple table make sure to include only necessary tables and columns Use eager loading only when it is necessary.
#dotnet
๐…๐จ๐ซ ๐ฅ๐š๐ซ๐ ๐ž ๐๐š๐ญ๐š ๐ฎ๐ฌ๐ž ๐’๐ค๐ข๐ฉ ๐š๐ง๐ ๐“๐š๐ค๐ž : Use skip and take to retrieve data from table for large collections because if we try to bring all data in single try it can take time that will give bad user experience takes next values.
#dotnet Image
Read 8 tweets
Muhammad Waseem Profile picture
Feb 27
๐Ÿ’ก Do and Don't for string in C#

1. Always use
2. Don't use ๐Ÿ”

โœ‰๏ธIf you like my tweets, please join 400+ Software Engineers to receive an actionable tip weekly in your inbox through my Newsletter.(lnkd.in/d69Va5CM)

#csharpย #dotnetย #dotnetcore
โœ…Use an overload of theย String.Equalsย method to test whether two strings are equal

โœ…Use theย String.Compareย andย String.CompareToย methods to sort strings, not to check for equality.
โœ…Use overloads that explicitly specify the string comparison rules for string operations. Typically, this involves calling a method overload that has a parameter of typeย StringComparison.
Read 8 tweets
Muhammad Waseem Profile picture
Feb 26
Method Safety and Idempotency

1. HTTP Methods Introduction
2. Method safety with examples
3. Method Idempotency with examples
๐Ÿงตโฌ

#csharp #dotnet #dotnetcore Image
GET is used to retrieve data, POST is used to save, PUT is used to update existing data edit is common example of it, PATCH is lighter version of PUT , it is used to update just a specific information instead of updating all data on server DELETE is used to remove records.
In CRUD operations

C stands for create : POST
R stands for read : GET
U stands for update : PUT/PATCH
D stands for delete : DELETE
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(