Asp.net会员密码格式值设置为1 [英] Asp.net membership password format value set to 1
问题描述
我有一个要理解和修改的项目。在此,开发人员使用asp.net成员资格提供程序进行用户注册。我需要知道在这个项目中使用了哪种密码加密技术。
我的 web.config 文件就是这个。
I have a project to understand and modified. in this the developer is using asp.net membership provider for user registration purposes. I need to know which password encryption technique is using in this project.
My web.config file is this.
<membership>
<providers>
<clear />
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
并且在asp_membership的sql数据库表中,列 passwordFormat设置为1 。
我写了另一个程序,看看如果我用sh1自定义。但它没有返回匹配的值。
E.G
and in the sql database table in asp_membership the column passwordFormat is set to 1.
I have wrote another program to see that if i done this customize with sh1. but it did not return the matched value.
E.G
email; abc@gmail.com , Password: XD/9f1M211z5jv2LTazSrVgPyrc= , PasswordSalt: T3pit6T+AnxAEWFslVd5Lw==
这是我的代码
here is my code
protected void btn_register_Click(object sender, EventArgs e)
{
user_email = tbx_email.Text.Trim();
user_password = tbx_password.Text.Trim();
//string salt = CreateSalt(8);
string salt = "T3pit6T+AnxAEWFslVd5Lw==";
string haspassword = CreatePasswordHash(user_password, salt);
db1.sqlcmd = new SqlCommand("usp_register_user");
try{
using (SqlDataAdapter sda = new SqlDataAdapter())
{
db1.sqlcmd.CommandType = CommandType.StoredProcedure;
db1.sqlcmd.Parameters.AddWithValue("@email", user_email);
db1.sqlcmd.Parameters.AddWithValue("@Password", haspassword);
db1.sqlcmd.Parameters.AddWithValue("@PasswordSalt", salt);
db1.sqlcmd.Parameters.Add("@success", SqlDbType.Bit);
db1.sqlcmd.Parameters["@success"].Direction = ParameterDirection.Output;
db1.sqlcmd.Connection = db1.sqlcon;
db1.sqlcon.Open();
db1.sqlcmd.ExecuteScalar();
success = Convert.ToBoolean(db1.sqlcmd.Parameters["@success"].Value);
}
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
finally
{
if (success == true)
{
db1.sqlcon.Close();
lbl_status.Text = "Ho Gya..";
lbl_status.ForeColor = System.Drawing.Color.Green;
lbl_status.Visible = true;
}
else
{
db1.sqlcon.Close();
lbl_status.Text = "Nahi Huwa Yar.. Phr Try kro";
lbl_status.ForeColor = System.Drawing.Color.Red;
lbl_status.Visible = true;
}
}
}
private static string CreatePasswordHash(string pwd, string salt)
{
string saltAndPwd = String.Concat(pwd, salt);
string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile(saltAndPwd, "sha1");
return hashedPwd;
}
现在结果如下:
EG
and now the result is this:
E.G
email; abc@gmail.com , Password: 57C0E8D97D5A3652320D0CA660526DD3A1E6C235 , PasswordSalt: T3pit6T+AnxAEWFslVd5Lw==
它应该存储这个na;
it should store this na;
email: abc@gmail.com , Password: XD/9f1M211z5jv2LTazSrVgPyrc= , PasswordSalt: T3pit6T+AnxAEWFslVd5Lw==
帮助我去哪儿拧?
推荐答案
到目前为止,谷歌可以帮到你。 ..
http ://msdn.microsoft.com/en-us/library/system.web.security.membershippasswordformat(v = vs.110).aspx [ ^ ]
http://referencesource.microsoft.com/#Syste m.Web.ApplicationServices / Security / MembershipPasswordFormat.cs [ ^ ]
A little Google can get you so far....
http://msdn.microsoft.com/en-us/library/system.web.security.membershippasswordformat(v=vs.110).aspx[^]
http://referencesource.microsoft.com/#System.Web.ApplicationServices/Security/MembershipPasswordFormat.cs[^]
这篇关于Asp.net会员密码格式值设置为1的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!