Login controlls ASP.NET Membership RRS feed

  • Question

  • Hi

    I've been trying out the membership facilites in ASP.NET.

    I noticed that the password of the users seems to be hashed in the membership database and also uses salt. 

    I used the asp.net configuration tool to add users.

    I have a few question in regard to this:

    1. Where it is hashed? Is it hashed by the ASP.NET configuration tool or by the database itself or perhaps it's in the SQLMembershipProvider? (Actually now that I think about it, it would make sense if it was in the SQLMembershipProvider.)

    2. What algorithim is used? SHA1? md5?

    3. Is there a way to change the algorithim or turn it off completly?



    best regards


    Friday, May 21, 2010 11:42 AM