Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Carl Sargunar 68 posts 90 karma points MVP 3x
    May 27, 2010 @ 13:14
    Carl Sargunar
    0

    Passwords kept in plain text after upgrading to 4.0.4.1

    Ho

     

    I've noticed that passwords that were previously hashed from version 4.0.3 are not working in 4.0.4.1. After much tweeking and playing around, I found that umbraco had defaulted to storing passwords in plain text. This is irritating as I already have users who have passwords that are hashed. I wonder is there a setting to revert umbraco to storing passwords as hashed again?

     

    Thanks

  • Dirk De Grave 4541 posts 6021 karma points MVP 3x admin c-trib
    May 27, 2010 @ 13:26
    Dirk De Grave
    0

    Have to change a settings in web.config's membership provider to

    passwordFormat="Hashed"

     

    Hope this helps.

    Regards,

    /Dirk

  • Carl Sargunar 68 posts 90 karma points MVP 3x
    May 27, 2010 @ 13:37
    Carl Sargunar
    0

    Thanks Dirk

  • Carl Sargunar 68 posts 90 karma points MVP 3x
    May 27, 2010 @ 18:41
    Carl Sargunar
    0

    Hi Dirk

    I was a little premature there - my file does not have any entry for passwordFormat anywhere in it. Was this something that was missed from the 4.0.4 1 install?

  • Dan 1285 posts 3917 karma points c-trib
    May 27, 2010 @ 19:15
    Dan
    1

    Hi Carl,

    The default is plain text so if your web.config file doesn't have an entry for password format it will be defaulting to plain text.  To resolve that there should be a line in the membership provider section of the web.config file begining:

           <add name="UsersMembershipProvider"...

    Inside that line, insert

    passwordFormat="Hashed"
Please Sign in or register to post replies

Write your reply to:

Draft