Changing passwordFormat

J

Jonathan Wood

I've decided my site needs the ability to retrieve existing passwords
without generating a new one. So I need to change passwordFormat from
"Hashed" to "Encrypted".

However, I'm not sure this is working. I tried setting it to "Encrypted"
(and also created a machineKey entry), but then my existing logins continued
to work and it seems like they shouldn't. So I then tried setting it to
"Clear". I'm still able to login but, when I examine the raw
aspnet_Membership table, I see the password fields are still unreadable.

Questions:

1. Is there something else I need to change to modify the way passwords are
stored?

2. Is there any way to do so without losing all my existing logins?

Thanks for any tips!
 
J

Jonathan Wood

Guess I'm the only one who has done this.

Somehow, existing passwords still work if you change the passwordFormat.
However, functionality to change the password doesn't seem to, and so
accounts are best recreated after making the change.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Value cannot be null;Parameter name: passwordAnswer 2
password configuration question 1
problem with custom membership provider 4
Changing a users password without knowing the old password nor the answer to the password question 2
Change a users password without knowing the old password nor the answer to the password question 1
Disabling Accordion 2
Steam Hacked, Valve Investigating Possible Credit Card Theft 7
SHAManaged 1

Top