Solved

Encrypt email address using .Net Forms Authentication

Posted on 2011-02-10
4
364 Views
Last Modified: 2012-05-11
Hello Experts!

We are creating a web application that requires authentication.  We are using the built-in .Net Forms Authentication to handle the authentication.  However, our security office has mandated that we must encrypt the email address, which is stored in the aspnet_Membership table.  By default, the email address is stored in plain text.   Does anyone know of a way to override or modify the "Create User" method (or other methods) so that we can encrypt the email (much like the password is encrypted)?  Any workarounds?  We are using ASP.NET (VB) Framework v4 and SQL Server 2008.  Specific examples would be very helpful!
0
Comment
  • 2
  • 2
4 Comments
 
LVL 15

Expert Comment

by:jorge_toriz
ID: 34867122
0
 
LVL 8

Author Comment

by:Forefront_Data_Solutions
ID: 34867215
We've looked into that already but would prefer not to have to do that.  We want to continue to use the built-in membership with the exception of just encrypting the email address.
0
 
LVL 15

Accepted Solution

by:
jorge_toriz earned 500 total points
ID: 34867233
Well, I'm pretty sure that you will end building your own membership provider due to the dependency that exists on plain-text e-mail

If you security dictates that e-mail must be enrypted, then take in mind that the search will be a bullet in the server's head because you will be decrypting each row to find the right e-mail that you want to get.

If e-mail must be encrypted, you will have to implement the search and login of users throgh a custom number.
0
 
LVL 8

Author Closing Comment

by:Forefront_Data_Solutions
ID: 34890589
This did not fully address my question.  However, since no one else commented, I will go ahead and close the question.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question