Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Encrypt email address using .Net Forms Authentication

Posted on 2011-02-10
4
Medium Priority
?
374 Views
Last Modified: 2012-05-11
Hello Experts!

We are creating a web application that requires authentication.  We are using the built-in .Net Forms Authentication to handle the authentication.  However, our security office has mandated that we must encrypt the email address, which is stored in the aspnet_Membership table.  By default, the email address is stored in plain text.   Does anyone know of a way to override or modify the "Create User" method (or other methods) so that we can encrypt the email (much like the password is encrypted)?  Any workarounds?  We are using ASP.NET (VB) Framework v4 and SQL Server 2008.  Specific examples would be very helpful!
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 15

Expert Comment

by:jorge_toriz
ID: 34867122
0
 
LVL 8

Author Comment

by:Forefront_Data_Solutions
ID: 34867215
We've looked into that already but would prefer not to have to do that.  We want to continue to use the built-in membership with the exception of just encrypting the email address.
0
 
LVL 15

Accepted Solution

by:
jorge_toriz earned 1500 total points
ID: 34867233
Well, I'm pretty sure that you will end building your own membership provider due to the dependency that exists on plain-text e-mail

If you security dictates that e-mail must be enrypted, then take in mind that the search will be a bullet in the server's head because you will be decrypting each row to find the right e-mail that you want to get.

If e-mail must be encrypted, you will have to implement the search and login of users throgh a custom number.
0
 
LVL 8

Author Closing Comment

by:Forefront_Data_Solutions
ID: 34890589
This did not fully address my question.  However, since no one else commented, I will go ahead and close the question.
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question