Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
Troubleshooting
Research
Professional Opinions
Ask a QuestionDid You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE
troubleshooting Question
Secure passwords in a ASP.NET 2.0 Custom Membership Provider
Gordon Saxby
asked on
asked on
I am writing a custom membership provider which gets logon info from a 3rd party database.
I have it working using plain text passwords but I want to secure the passwords - ideally, so that I can retain the "forgot password" feature but if I have to change it to "reset password" functionality then I could.
Basically, I just need a clear explanation of how I go about encrypting or hashing the password when it is first created and how to validate a user logon. Also, how to retrieve or reset the password, depending on which method is used (encrypt or hash?)
I have it working using plain text passwords but I want to secure the passwords - ideally, so that I can retain the "forgot password" feature but if I have to change it to "reset password" functionality then I could.
Basically, I just need a clear explanation of how I go about encrypting or hashing the password when it is first created and how to validate a user logon. Also, how to retrieve or reset the password, depending on which method is used (encrypt or hash?)
Our community of experts have been thoroughly vetted for their expertise and industry experience.