hi everyone, i have a problem, i want to decrypt password in aspnetdb, the password created by web administration tool in vs, i want to decrypt it without using MemberShipProvider, i there any way. Please help me.
+1
A:
It depends on encryption algorithm provider uses. AFAIK usually (MD5, SHA) encrypted password is not encrypted string but calculated hash. When passwords are compared there is NO comparison between decrypted earlier password and password suggested, but comparison between calculated hash for password suggested and calculated earlier hash. same question about MD5, people claim there is no way to decrypt
You can try to reset password or use "forgot password" option.
Andrew Florko
2010-06-05 10:39:38
thanks Andrew and Daniel, i want to Change password without membership provider is there any way?
Thien thai
2010-06-06 15:48:52
+1
A:
Any serious application should only use the password format hashed - then there is no way to retrieve the plain text password - neither for the ASP.NET membership provider nor for any other code (besides there are important advances in the field of cryptography leading to efficient attacks against SHA-1).
The other two options are plain text and encrypted passwords. Plain text passwords can trivially be read from the database and encrypted password are encrypted using the key and algorithm specified with the <machineKey> element in the web.config or machine.config. See the MSDN for reference.
Daniel Brückner
2010-06-05 10:39:59
I see no reason why you should not be able to that - just replace the one stored in the database. Just try it using SQL Management Studio (or whatever you prefer) - if this works writing some code will be straight forward.
Daniel Brückner
2010-06-06 17:19:04