I have a client who already has a functional web site developed using ASP.Net. They may be wanting to convert to PHP. Their member management is done using .NET Membership Provider. I do not know anything about ASP.net, and I have no idea what this Membership Provider thing is. I do have access to their database, and I see that there are a lot of encrypted fields (usernames, passwords, secret questions/answers, stuff like that). The length of the encrypted strings is 64 chars.
My primary concern is not breaking members logins if we convert. So I'm interested in knowing "what I don't know"! Is this going to be a big bag of worms?
To complicate things even more, they are currently hosted on GoDaddy, and there is no easy way to export the database. All you can do is go through a table at a time and export to .csv ! Will that do anything to the encrypted data?
I tried a simple test: I exported the data for my own account, getting the encrypted password. In PHP, I tested to see if sha1(myplaintextpassword) equalled the encrypted field, and it did not. Understandably so, since sha1's encrypted strings are always 40 chars.