I have just installed the "Member Package" in Umbraco 4 and I have everything working except the Password Recovery - this is emailing me a hashed version of the password. I believe this is due to the database now storing the password as a hashed value (whereas it used to be stored as plain text).
But when I enter the email address of one of my Members - it comes back telling me the email address is not recognised/doesn't belong to any of the users. Has anyone experienced this before? My code is exactly the same as Dirk's post on the 2nd page of that forum post.
The control seems to be working as it should. It just returns what is in the database, since the passwords are hashed (I believe it is one way) they cannot be "decoded". You will either have to set the passwords back to plain text, in order to have the password sent.
You could also create a custom control that will reset the password and email them the new password.
Are the passwords in the email? Are they hashed? If so I found that if the password was in the db hashed and I change to passwordFormat="Hashed" the I had to reset the passwords in the database/backend, so that they would be plain text.
Again if the passwords were hashed, this is a one-way encryption, so there is no way to get the password back, other than changing it in the backend.
Thanks for your reply. Luckily the site has no users yet but me, so I created a new account and I checked in the db to make sure the password isn't hashed (it wasn't). But I'm still not able to use the password recovery from Dirk's code..
Password recovery in Version 4
Hi everyone,
I have just installed the "Member Package" in Umbraco 4 and I have everything working except the Password Recovery - this is emailing me a hashed version of the password. I believe this is due to the database now storing the password as a hashed value (whereas it used to be stored as plain text).
I googled about and searched the forums and found Dirk's code http://our.umbraco.org/forum/getting-started/questions-about-runway-and-modules/3758-Member-password-reminder-not-sending-info?p=1 and pasted this into my template.
But when I enter the email address of one of my Members - it comes back telling me the email address is not recognised/doesn't belong to any of the users. Has anyone experienced this before? My code is exactly the same as Dirk's post on the 2nd page of that forum post.
Cheers, Garry.
I'm having the same problem...
The control seems to be working as it should. It just returns what is in the database, since the passwords are hashed (I believe it is one way) they cannot be "decoded". You will either have to set the passwords back to plain text, in order to have the password sent.
You could also create a custom control that will reset the password and email them the new password.
See this post for a similar problem.
http://our.umbraco.org/forum/getting-started/questions-about-runway-and-modules/3758-Member-password-reminder-not-sending-info
I got rid of the 'passwordFormat="Hashed"' but it's still not working..
@Laura,
Are the passwords in the email? Are they hashed? If so I found that if the password was in the db hashed and I change to passwordFormat="Hashed" the I had to reset the passwords in the database/backend, so that they would be plain text.
Again if the passwords were hashed, this is a one-way encryption, so there is no way to get the password back, other than changing it in the backend.
Hi Sean,
Thanks for your reply. Luckily the site has no users yet but me, so I created a new account and I checked in the db to make sure the password isn't hashed (it wasn't). But I'm still not able to use the password recovery from Dirk's code..
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.