如何从数据库解密asp.net会员密码 [英] how to decrypt an asp.net membership password from database
本文介绍了如何从数据库解密asp.net会员密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
大家好,
我在我的数据库中使用了memebership,在aspnet_membership表中密码以加密格式保存,现在我想提供忘记密码选项给用户
如何从数据库中获取解密的原始密码
任何人都可以帮助我紧急..
提前谢谢
Hi All,
I have used memebership in my database,and in aspnet_membership table the password is saved in encrypted format ,now i want to provide forgot password option to user
how can i get the decrypted original password from database
can anybody pls help me its urgent..
Thanks in advance
推荐答案
首先,摆脱这种不安全的架构,您可以在其中加密密码。在任何体面的身份验证模型中,密码都不能解密;这是永远不需要的。
惊讶吗?请参阅我过去的答案以获取更多详细信息:
以安全的方式存储密码值int sql server [ ^ ],
加密密码解密 [ ^ ],
我已经加密了我的密码,但是当我登录时给了我一个错误。如何解密 [ ^ ] 。
-SA
First of all, get rid of such an unsafe schema where you can encrypt a password. In any decent authentication model, a password cannot be "decrypted"; this is never needed.
Surprised? Please see my past answers for further detail:
storing password value int sql server with secure way[^],
Decryption of Encrypted Password[^],
i already encrypt my password but when i log in it gives me an error. how can decrypte it[^].
—SA
如果您使用了任何标准工具进行加密然后它们专门用于防止解密 - 你最好提供一个替换密码选项和(加密)安全问题来验证。
看看讨论 http://stackoverflow.com/questions/173329/how- to-decrypt-a-password-from-sql-server [ ^ ]
If you have used any of the "standard" tools for encryption then they are specifically designed to prevent decryption - you would be better off offering a replace-password option with (encrypted) security questions to validate.
Have a look at the discussions here http://stackoverflow.com/questions/173329/how-to-decrypt-a-password-from-sql-server[^]
这篇关于如何从数据库解密asp.net会员密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文