More in this section

Forums / Developing with Sitefinity / Encrypt/Decrypt password

Encrypt/Decrypt password

4 posts, 0 answered
  1. Fabian
    Fabian avatar
    6 posts
    Registered:
    08 Dec 2008
    04 Mar 2009
    Link to this post
    Hi

    Is there a way to encrypt/decrypt users password ???

    Our customers would like us to implement a "change password" et a "recovery password" in their site.
    So, we would like to know if there is a way to encode and decode the password fields of the users table.

    Thx

    Greetings,

    Fabian Peruzzi
    PROMISYS
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Mar 2009
    Link to this post
    Hi Fabian,

    Please take a look at the following article http://forums.asp.net/p/1338891/2704827.aspx. You need to develop custom password recovery control as well, that will hash the password and question again.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  3. Fabian
    Fabian avatar
    6 posts
    Registered:
    08 Dec 2008
    05 Mar 2009
    Link to this post
    Hi Ivan

    I just read the forum thread you sent to me.
    It seems that it's focused on changing the security question and ansmwer of a user and not simply getting the password by itself.

    I need to import some users into Sitefinity's users table from an external file; So I need to know how to encrypt (encode) the passwords. Secondly, I need to be able to send to one user his password by e-mail. So I need to decode the password in the database.

    Isn't there a simple way to decode the password of the database instead of doing a reset of the password ???

    Another question that I didn't understand very well : how does the Membership Security of .NET can update your table user of Sitefinity ?

    Thanks
  4. Dido
    Dido avatar
    149 posts
    Registered:
    24 Sep 2012
    05 Mar 2009
    Link to this post
    Hello Fabian,

    Generally, passwords in Sitefinity are stored in an encrypted form. An irreversible algorithm is used (one-way), so the "hashed" value is stored in the database. This is the general approach for saving passwords in a database. Therefore, there is no way for the admin to know your password, all he/she can do is reset the password and send you the one he/she used. In sitefinity, the process is automated (e.g. the password is auto-generated) and a password reset is done via a button click.

    As for your last question, we are inheriting this functionality from the standard asp.net membership provider. We relay on asp.net to handle this.

    All the best,
    Dido
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
Register for webinar
4 posts, 0 answered