SHA1 Password returns as cleartext after DB query
Posted
by Code Sherpa
on Stack Overflow
See other posts from Stack Overflow
or by Code Sherpa
Published on 2010-04-07T03:56:14Z
Indexed on
2010/04/07
4:03 UTC
Read the original article
Hit count: 233
Hi.
I have a SHA1 password and PasswordSalt in my aspnet_Membership table. but, when I run a query from the server (a Sql Query), the reader reveals that the pass has returned as its cleartext equivalent.
I am wondering if my web.config configuration is causing this?
<membership defaultProvider="CustomMembershipProvider"
userIsOnlineTimeWindow="20"
hashAlgorithmType="SHA1">
<providers>
<clear/>
<add name="CustomMembershipProvider"
type="Custom.Utility.CustomMembershipProvider"
connectionStringName="MembershipDB"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresUniqueEmail="false"
requiresQuestionAndAnswer="false"
passwordStrengthRegularExpression=""
minRequiredPasswordLength="1"
minRequiredNonalphanumericCharacters="0"
passwordFormat="Hashed"
thanks in advance...
© Stack Overflow or respective owner