there are thousands of different approaches and methods to securely encrypt passwords - most likely this is a "salted" password, which means that a static string is attached to the password and the then encrypted, when the user logs in the password is attached
to the salt value and then if the resulting encrypted string matches - then the user is logged in. Unless you know the details (and even if you know the details) if the password is encrypted, then that means you're not meant to see it or decrypt it. I would
suggest you authenticate the user using other means, and then let them set a new password, rather than trying to retrieve their existing password.
Passwords are normally hashed not encrypted. When the user types in the password, it is hashed and hashes are compared.
Click "Mark as Answer" on the post that helped you.
This earns you a point and marks your thread as Resolved so we will all know you have been helped.
FAQ on the correct forum http://forums.asp.net/p/1337412/2699239.aspx#2699239
isjf
Member
63 Points
634 Posts
How to Decode Password?
Sep 09, 2008 02:05 AM|LINK
I'm maintain a website which is for user to retrive their password
I use oracle , C# , VS2003
the password was Encode by a .dll file. I have no idea which kind of Decode I should use to Encode Password
I don't get source code for Encode ... only the .dll to do the Encode Password
and now I want to Decode the Password , I have no idea how to do
can you please help?
my problem :
Add New Password , the password is testtest
testtest → .dll → AKYAlwClAKYApgCXAKUApg==
I don't know the .dll do what kind of Encode so the password become AKYAlwClAKYApgCXAKUApg==
now I need to recovery AKYAlwClAKYApgCXAKUApg== → testtest
how to do? is it possible?
thank you
sbillingsley
Member
642 Points
121 Posts
Re: How to Decode Password?
Sep 09, 2008 03:12 AM|LINK
there are thousands of different approaches and methods to securely encrypt passwords - most likely this is a "salted" password, which means that a static string is attached to the password and the then encrypted, when the user logs in the password is attached to the salt value and then if the resulting encrypted string matches - then the user is logged in. Unless you know the details (and even if you know the details) if the password is encrypted, then that means you're not meant to see it or decrypt it. I would suggest you authenticate the user using other means, and then let them set a new password, rather than trying to retrieve their existing password.
isjf
Member
63 Points
634 Posts
Re: How to Decode Password?
Sep 09, 2008 03:30 AM|LINK
hi, can you teach me how to set a new password for user?
step 1: when I forgot my password , enter some information then I will receive a e-mail
step 2: and a link including in e-mail , I click the link then page direct me to setting new password
do you mean that? if yes.. how to do the step 2?
if I want to including a link for user to reset password , which link I should included?
thank you
sbillingsley
Member
642 Points
121 Posts
Re: How to Decode Password?
Sep 11, 2008 06:43 PM|LINK
the method you mention is outside the scope of the membership provider - and you would need to write your own mechanism.
If you use the membership provider, then you simply call the membershipUser.ChangePassword method
TATWORTH
All-Star
72415 Points
14017 Posts
MVP
Re: How to Decode Password?
Sep 14, 2008 06:21 PM|LINK
Passwords are normally hashed not encrypted. When the user types in the password, it is hashed and hashes are compared.
This earns you a point and marks your thread as Resolved so we will all know you have been helped.
FAQ on the correct forum http://forums.asp.net/p/1337412/2699239.aspx#2699239