从加密的改变了passwordFormat到散列 [英] Changing passwordFormat from Encrypted to Hashed

问题描述

我发现从加密的口令转换现有的数据库散列密码的信息少得惊人。 （我是能够找到其他方式转变提供更多的信息，但它是有很大帮助没有。）

I'm finding surprisingly little information on converting an existing database from Encrypted passwords to Hashed passwords. (I was able to find a bit more information on converting the other way, but it wasn't of much help.)

由于大多数人都知道，改变了了passwordFormat 在web.config中设置只影响新用户。我有一个数据库，几百用户，我想将它们转换为使用散列密码，而不改变那些现有的口令。

As most people know, changing the passwordFormat setting in web.config only affects new users. I have a database with a couple of hundred users and I'd like to convert them to use hashed passwords without changing those existing passwords.

是任何人都熟悉的人们可能会如何处理呢？感谢您的任何提示。

Is anyone else familiar with how one might approach this? Thanks for any tips.

推荐答案

这是我跟看到多远我得到启动方式：

This is the approach I'd start with to see how far I got:

1. 在我的web.config，一个用于加密的密码，一个用于哈希创建两个MembershipProviders。


2. 通过使用加密密码供应商的所有用户环路。 （<一href=\"http://msdn.microsoft.com/en-us/library/system.web.security.sqlmembershipprovider.getallusers.aspx\">SqlMembershipProvider.GetAllUsers)


3. 使用加密密码提供商获取用户的密码。 （ MembershipUser.GetPassword ）


4. 更改用户的密码使用哈希密码提供相同的密码。 （<一href=\"http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.changepassword.aspx\">MembershipUser.ChangePassword)

1. Create two MembershipProviders in my web.config, one for encrypted passwords and one for hashed.
2. Loop through all users using encrypted password provider. (SqlMembershipProvider.GetAllUsers)
3. Get the user's password using encrypted password provider. (MembershipUser.GetPassword)
4. Change the user's password to the same password using hashed password provider. (MembershipUser.ChangePassword)

所以它会是这样的：

    <membership defaultProvider="HashedProvider">
        <providers>
            <clear />
            <add name="HashedProvider" connectionStringName="MembershipConnectionString" enablePasswordRetrieval="false"  requiresQuestionAndAnswer="false" applicationName="MyApp" passwordFormat="Hashed"  type="System.Web.Security.SqlMembershipProvider" />
            <add name="EncryptedProvider" connectionStringName="MembershipConnectionString" enablePasswordRetrieval="true" requiresQuestionAndAnswer="false" applicationName="MyApp" passwordFormat="Encrypted" type="System.Web.Security.SqlMembershipProvider" />
        </providers>
    </membership>

code：

SqlMembershipProvider hashedProvider = (SqlMembershipProvider)Membership.Providers["HashedProvider"];
SqlMembershipProvider encryptedProvider = (SqlMembershipProvider)Membership.Providers["EncryptedProvider"];

int unimportant;
foreach (MembershipUser user in encryptedProvider.GetAllUsers(0, Int32.MaxValue, out unimportant ))
{
    hashedProvider.ChangePassword(user.UserName, user.GetPassword(), user.GetPassword());
}

这篇关于从加密的改变了passwordFormat到散列的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！