How to Retrieve the password from asp.net membership provider from DB
I want to retreive users passwords from the db , I tried something like this :
SELECT password, passwordformat, passwordsalt
FROM aspnet_membership am
INNER JOIN aspnet_users au
ON (au.userid = am.userid)
INNER JOIN aspnet_applications aa
ON (au.applicationId = aa.applicationid)
WHERE au.username = 开发者_开发技巧'xxxxxxxxxxx'
AND aa.ApplicationId = 'xxxxxxxxxx'
But the query returns the hashed password , Is there any way i can get the original password not the hashed one. Thnx
If it is hashed you cannot retrieve it but you can recover it. Do not invent the wheel and use e.g. PasswordRecovery Control.
UPDATE:
If you by all means want to avoid using the PasswordRecovery control and want to implement this functionality by yourself you still do not need to implement your own queries to aspnet_db
. There are plenty of built in methods for most of security issues in the Membership API.
You can use something like follows to reset the password:
string username = "user";
string password = "pass@word";
MembershipUser mu = Membership.GetUser(username);
mu.ChangePassword(mu.ResetPassword(), password);
This should work in case you store hashed passwords and disable q&a. In case you want q&a be enabled you can use a workaround described here.
No you can't!! Its a hashed not encrypted
You should not store passwords as plain text
精彩评论