I have a RESTful API containing a URI /UserService/Register. /UserService/Register accepts an XML request, for example:
<UserRegistrationRequest>
  <Password>password</Password>
  <Profile>
    <User>
      <UserName>username</UserName>
    </User>
  </Profile>
</UserRegistrationRequest>
I have the following questions about the above:
Is there a way (using C# and .NET 3.5+) to force / verify that clients calling Register are passing a hashed password, not plaintext? Is the choice of the hashing algorithm that the client will use a good idea?
We could provide a second URI, /UserService/ComputePasswordHash, which the client calls before calling /UserService/Register. This ensures that each password is hashed using the same algorithm. Is there a mechanism in REST for a client to call one URI before calling another?
I hope I explained myself.