ASP.Net Membership Password Encrypted
-
Friday, May 22, 2009 1:57 PM
Dear Developers,
I have Two SQL Database
1 . Forum authentication (ASP.Net Membershipprovider&RoleProvider database)
2. Application Database (XXX)
Import from ApplicationDatabase(XXX) (Users details table) to Forum Authentication Database (aspnet_Users,aspnet_Membership table).
In Application Database(XXX) Textpassword and Forum Authentication (encrypted Password)
I need how to convert Textpassword to encrypted Password in C# language
I need to get those passwords into the aspnet_Membership table in SQL Server which is the table used by the MembershipProvider and I'd like to have them encrypted (not hashed) using the default encoding scheme provided by Microsoft in the SQLMembershipProvider.
- Changed Type Mike Walsh FIN Friday, May 22, 2009 2:58 PM always use the question type so people get credit for their replies to you
All Replies
-
Friday, May 22, 2009 7:56 PM Hi,
First, I think your question is not really SharePoint related, instead it is general ASP.NET 2.0 question.
It's not clear to me that there are the same users in the two databases and only the passwords must be synchronized or users should also be created in the membership DB.
You should use the membership API to achieve your goal.
How To: Use Membership in ASP.NET 2.0
http://msdn.microsoft.com/en-us/library/ms998347.aspx
You can use the MembershipUser.ChangePassword method to change the password. It is important that you have to know the current (old) passwords of the users in membership DB to change the password!
MembershipUser.ChangePassword Method
http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.changepassword.aspx
For creating new users, you can use the Membership.CreateUser method as described here
Membership.CreateUser Method
http://msdn.microsoft.com/en-us/library/system.web.security.membership.createuser.aspx
The passwordFormat for the membership provider must be configured to Encrypted.
As described here:
SqlMembershipProvider.PasswordFormat Property
http://msdn.microsoft.com/en-us/library/system.web.security.sqlmembershipprovider.passwordformat.aspx
"Encrypted and Hashed passwords are encrypted or hashed by default based on information supplied in the machineKey element in your configuration."
It means that theoretically you can encrypt (and store in the membership DB) your passwords with a custom application applying the encryption method (AES / 3DES / DES) specified at the machineKey, but I'm not sure whether it is a good idea.
Peter- Proposed As Answer by Peter Holpar, MVPMVP Wednesday, May 27, 2009 10:07 AM
- Marked As Answer by Paul AndrewMicrosoft Employee Wednesday, May 27, 2009 4:55 PM
