Thank you for contacting us.
The passwords in Sitefinity 4 area hashed and salt is added by default. If you configure the provider to Clear which is to save the passwords in clear text.
Changing it in Advanced settings -> Security -> Membership Providers -> passwordFormt(to Clear) will not revert alrady hashed passwords. They will remain hashed and the new passwords will be in clear text.
There is bug when chaning the provider to save passwords in claer text it also adds the hassed value of the password after the clear text password. Yes the values are Hashed (Passwords are encrypted one-way using the SHA1 hashing algorithm.), Clear and Encrypted(Passwords are encrypted using the encryption settings determined by
/// the machineKey Element (ASP.NET Settings Schema) element configuration).
the Telerik team
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking
system and vote to affect the priority of the items