Is this how hashed password stored in SQL Server should look like?
This is function I use to hash password (I found it in some tutorial)
public string EncryptPassword(string password)
{
//we use codepage 1252 because that is what sql server uses
byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password);
byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes);
return Encoding.GetEncoding(1252).GetString(hashBytes);
}
EDIT I tried to use sha-1 and now strings seem to look like as they are suppose to:
public string EncryptPassword(string password)
{
return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1");
}
// example output: 39A43BDB7827112409EFED3473F804E9E01DB4A8
Result from the image above looks like broken string, but this sha-1 looks normal....
Will this be secure enough?