Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3031
  • Last Modified:

asp.net membership question - Hashed passwords cannot be decoded.

I'm trying to retrieve user passwords for an admin page.  Apparently I've been using hashed passwords.  I'm developing a low security, friendly site, so I don't give a rip about how secure it is.  I read that I need to change my password format.  I tried this by adding passwordFormat="true" in my web.config, but I still get the 'Hashed passwords cannot be decoded.' error on this line:
Line 180:        MembershipUtil.Password = Membership.Provider.GetPassword(MembershipUtil.Username, String.Empty);

Please advise.  Thanks -
1
JT_SIRO
Asked:
JT_SIRO
1 Solution
 
quizwedgeCommented:
Your existing users have hashed passwords, so you can't decode them. I found the following response at https://jcbauza.com/forums/p/1076/1270.aspx (though their SSL certificate has expired, so you'll probably get an error)

After a while we discovered what the problem was. The users were created originally by the application using a hashed password. This became an issue as a user with a hash password cannot be migrated automatically to the new encryption setting. So, even though your application is using encryption for the passwords, previously created users will face the issues mentioned before. What we ended up doing was deleting the existing users and creating new ones with the new settings on Web.Config. You could also reset the users and modify a column in the database if deleting them is not an option.
2

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now