Different hash algorithm for ASP.NET Membership provider? | ansaurus

tags:

asp.net-membership

views:

333

answers:

1

+1 Q:

Different hash algorithm for ASP.NET Membership provider?

Does anyone know if it is possible to configure the ASP.NET membership API to use SHA-256 or SHA-512? I don't really want to have to go down the line of writing my own and our employer has an encryption policy that does not allow MD5 or SHA-1. All i can find from Microsoft is the the HashAlgorythmType enum

...but this only contains MD5 and SHA1

Thanks,

Keeno

+1 A:

ACtually the format is determined by the passwordFormat attribute of the .../membership/providers/add element in the configuration file which defines settings for the provider.

The possible values are given by the MembershipPasswordFormat enumeration which provides no control over the hash algorithm used.

Richard 2009-06-07 10:58:20

related questions

after running aspnet_regsql.exe , do I have to init the db with data? how?

Not using e-mail address in a custom MembershipProvider?

How to pass the current user to a web control declaratively

How do you rename a Role using Membership in .NET?

What encryption algorithm does the .net membership provider use?

Membership.GetUser() & MARS

Web.config editing for Membership Role Authorization

Globalization of Membership exceptions isn't taking place... What to do?

OpenId development while disconnected from Internet

programmatic login with .net membership provider

Addin extra properties to MembershipProvider

ASP.Net Providers from web server in DMZ

ASP.NET PasswordRecovery Control with Localized content

Examples of asp.net mvc and authentication

ASP.NET Membership for high security scenarios?

ASP.NET Forms Authentication With Only UserName

What to use for membership in ASP.NET

How can I wrap a transaction around Membership.CreateUser?

New site creation and security/authentication,- should I use ASP.net Membership Provider?

ASP.NET WSAT (Website Administration Tool) and Custom Membership Providers

How do you manage asp.net SQL membership roles/users in production?

How to access UserId in ASP.NET Membership without using Membership.GetUser() ?

Can I use OpenId with the ASP MembershipProvider?

How do you pass an authenticaticated session between app domains

Class design decision