views:

15

answers:

0

I'm in the process of migrating an application from .Net forms to MVC. The application currently uses a custom membership provider and I would like to convert it to use the SQL Membership provider. I'm hoping to use the current user passwords as is.

The "old" application uses "ComputeHash" in System.Security.Cryptography.SHA1CryptoServiceProvider to create a hash value for user passwords.

In the new application I set the password format to "Hashing" (in the membership element of the config file).

The problem: After creating some test data, I'm getting different values for the same password in the two applications. This seems odd to me. It is my understanding that by default the SQL membership provider also uses the SHA1 algorithm. Am I doing something wrong? Is there a good way around this?

Thanks in advance