Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Carl 65 posts 87 karma points MVP
    May 27, 2010 @ 13:14
    Carl
    0

    Passwords kept in plain text after upgrading to 4.0.4.1

    Ho

     

    I've noticed that passwords that were previously hashed from version 4.0.3 are not working in 4.0.4.1. After much tweeking and playing around, I found that umbraco had defaulted to storing passwords in plain text. This is irritating as I already have users who have passwords that are hashed. I wonder is there a setting to revert umbraco to storing passwords as hashed again?

     

    Thanks

  • Dirk De Grave 4539 posts 6012 karma points MVP 3x admin c-trib
    May 27, 2010 @ 13:26
    Dirk De Grave
    0

    Have to change a settings in web.config's membership provider to

    passwordFormat="Hashed"

     

    Hope this helps.

    Regards,

    /Dirk

  • Carl 65 posts 87 karma points MVP
    May 27, 2010 @ 13:37
    Carl
    0

    Thanks Dirk

  • Carl 65 posts 87 karma points MVP
    May 27, 2010 @ 18:41
    Carl
    0

    Hi Dirk

    I was a little premature there - my file does not have any entry for passwordFormat anywhere in it. Was this something that was missed from the 4.0.4 1 install?

  • Dan 1265 posts 3834 karma points admin c-trib
    May 27, 2010 @ 19:15
    Dan
    1

    Hi Carl,

    The default is plain text so if your web.config file doesn't have an entry for password format it will be defaulting to plain text.  To resolve that there should be a line in the membership provider section of the web.config file begining:

           <add name="UsersMembershipProvider"...

    Inside that line, insert

    passwordFormat="Hashed"
Please Sign in or register to post replies

Write your reply to:

Draft