I am trying to build a password reminder service to the website that I have built using Umbraco. I am using the standard Umbraco membership provider.
When I retreive the password using the follwoing code -
Member thisMember = Member.GetMemberFromEmail(UsernameText.Text); string strPassword = thisMember.Password;
strPassword is understandably in a hashed form. I would like to know how I can convert this to clear text. I have tried changing the password format in web.config to Encrypted and adding the <machineKey> section in teh web.config, but I have become painfully aware that since members and users have already been created in Umbraco, its too late for me to change teh password formats.
Retrieving the hashed password in clear text
Hi,
I am trying to build a password reminder service to the website that I have built using Umbraco. I am using the standard Umbraco membership provider.
When I retreive the password using the follwoing code -
Member thisMember = Member.GetMemberFromEmail(UsernameText.Text);
string strPassword = thisMember.Password;
strPassword is understandably in a hashed form. I would like to know how I can convert this to clear text. I have tried changing the password format in web.config to Encrypted and adding the <machineKey> section in teh web.config, but I have become painfully aware that since members and users have already been created in Umbraco, its too late for me to change teh password formats.
Your help is greatly appreciated.
Thanks,
Shwetha
Shwetha,
The whole thing about hashed password is that it cannot be unhashed. You will need to implement password reset rather than password reminder.
Regards
Ismail
Exactly, +1 on Ismail's comment.
Never send the password, just create a password reset page with a nice unique hash in the url.
is working on a reply...