I know how to use the API to change a user or member password. My problem here is that I will need to change it "outside umbraco".
The reason is that I'm trying to create a script to automate the installation. Basically it will unzip a umbraco installation on a new website and create the database. After that, i'd like the script to change the admin password, so, it wont be identical on all sites.
I believe I could write it directly to the database, just would like to know if somebody can point me on the right direction (which tables, etc) so i don't mess things up.
For users (rather than members), the correct table is umbracoUser. You can see the admin account is stored in that table. The password is in clear text within that table.
Well, whether or not the password is in clear text depends on a setting (look at the membership section in the web.config file), in the providers. If the <add> node has an passwordFormat attribute with the value "Hashed", the passwords wont be in clear text.
I can't remember which method is used for hashing (MD5 + Base64 encoding?).
Well on one old installation the passwords are on plain text, however, on this new one base don 4.1 (latter upgraded to 4.5) the passwords are encripted.
Got stock in here, i spent the last 3 hours trying to figure out how to change a user (not member) password. The User.Password property will save the password as plain text on the database and since the provider is set to use a hashed password, it wont work, There was a helper class i noticed people use to encode the password but is missing from the new asseblies (see this post).
Changing a member password looks easy as calling a "ChangePassword" method, what about the user?
Change passwords outside umbraco
I know how to use the API to change a user or member password.
My problem here is that I will need to change it "outside umbraco".
The reason is that I'm trying to create a script to automate the installation. Basically it will unzip a umbraco installation on a new website and create the database. After that, i'd like the script to change the admin password, so, it wont be identical on all sites.
I believe I could write it directly to the database, just would like to know if somebody can point me on the right direction (which tables, etc) so i don't mess things up.
Thanks in advance.
Hi,
For users (rather than members), the correct table is umbracoUser. You can see the admin account is stored in that table. The password is in clear text within that table.
Daniel
Well, whether or not the password is in clear text depends on a setting (look at the membership section in the web.config file), in the providers. If the <add> node has an passwordFormat attribute with the value "Hashed", the passwords wont be in clear text.
I can't remember which method is used for hashing (MD5 + Base64 encoding?).
Thanks Steen,
Well on one old installation the passwords are on plain text, however, on this new one base don 4.1 (latter upgraded to 4.5) the passwords are encripted.
How about using webservices, which I'd prefer if you need to change "something" from "outside umbraco"?
Cheers,
/Dirk
webservice sounds good, my only concern is security since it will allow password changes but, looks like the easyer way to go.
Got stock in here, i spent the last 3 hours trying to figure out how to change a user (not member) password.
The User.Password property will save the password as plain text on the database and since the provider is set to use a hashed password, it wont work,
There was a helper class i noticed people use to encode the password but is missing from the new asseblies (see this post).
Changing a member password looks easy as calling a "ChangePassword" method, what about the user?
is working on a reply...