http://forums.asp.net/t/1778845.aspx/1?Unable+to+login+using+the+password+generated+by+Asp+Net+4+Membership+Provider+Reset+PasswordFri, 23 Mar 2012 15:15:41 -040017788454873151http://forums.asp.net/p/1778845/4873151.aspx/1?Unable+to+login+using+the+password+generated+by+Asp+Net+4+Membership+Provider+Reset+Password <p>Hi,</p> <p>I'm developing an application using ASP.NET 4 MVC 3. I'm using the default&nbsp;AspNetSqlMembershipProvider. We are resetting the password using MembershipUser.ResetPassword() function. The method is working fine and resetting the password in the database successfully and returning the new random generated password.&nbsp;</p> <p>The situation is we are unable to login to our application using the new password.</p> <p>FYI: my reset call is followed by the user.UnLock() method.</p> <p>MembershipUser user = Membership.GetUser(userName);<br> if (user == null)<br> throw new DataNotFoundException(&quot;Invalid User.&quot;);<br> string newPassword = string.Empty();<br> var isUnlock = user.UnlockUser();<br> if(isUnlock)<br> newPassword=user.ResetPassword();<br> return newPassword;</p> <p></p> <p>Any help in this regard is appreciated.</p> <p></p> <p>Thanks &amp; Regards</p> 2012-03-10T14:18:49-05:004873335http://forums.asp.net/p/1778845/4873335.aspx/1?Re+Unable+to+login+using+the+password+generated+by+Asp+Net+4+Membership+Provider+Reset+Password <p>If you are using the Membership Provider, you need to use the Mebership Provider to add users to the system.</p> <p>That's why most of use chose to roll our own login process by creating a Login view and an AccountController.</p> <p>The way &quot;Pro ASP.Net MVC 3 Framework&quot; teaches it, the first step is to create an Interface called IAuthProvider with a single method: <br> bool Authenticate( string memberName, string password );</p> <p>Next you would create a Concrete class called FormsAuthProvider that implements the IAuthProvider interface. It is this Concrete FormsAuthProvider class that authenticates users against the database store.</p> <p>You will need to find a way to get the FormsAuthProvider into you AccountController and that is usually done in one of two ways:</p> <p>1) Using NInject to pass it in via a reference to the IAuthProvider interface, or<br> 2) Creating a property of type IAuthProvider and setting that property from your first controllers constructor.</p> <p>If you are using a Salted Hash for the passwords (as you should be doing), there is no way to create a Reset Password process, instead I create two ChangePassword methods, one that logged in users can use, and one for the AdminConroller that only the site's Admin has access to that can reset the password for any user.</p> <p>&nbsp;</p> 2012-03-10T19:47:41-05:004873495http://forums.asp.net/p/1778845/4873495.aspx/1?Re+Unable+to+login+using+the+password+generated+by+Asp+Net+4+Membership+Provider+Reset+Password <p></p> <blockquote><span class="icon-blockquote"></span> <h4>eric2820</h4> <p></p> <p>If you are using the Membership Provider, you need to use the Mebership Provider to add users to the system.</p> <p>That's why most of use chose to roll our own login process by creating a Login view and an AccountController.</p> <p>The way &quot;Pro ASP.Net MVC 3 Framework&quot; teaches it, the first step is to create an Interface called IAuthProvider with a single method: <br> bool Authenticate( string memberName, string password );</p> <p></p> </blockquote> <p></p> <p>Hi eric,</p> <p>Thanks for your reply.</p> <p>I'm using the same login process, view and account controller. Every thing is working fine including login, logout, change password and resetting the password. After resetting the password we are unable to log into the application using the new password.</p> <p>I've checked with the hashAlgorithm by mentioning the &lt;machinekey validation=&quot;SHA1&quot;&gt; in System.Web and hashAlogrithm=&quot;SHA1&quot; in membership tags (everything is working fine except the reset password).</p> <p>but it's no use.</p> 2012-03-11T04:00:37-04:004874042http://forums.asp.net/p/1778845/4874042.aspx/1?Re+Unable+to+login+using+the+password+generated+by+Asp+Net+4+Membership+Provider+Reset+Password <p>To use a Salted Hash, you should be using:</p> <p><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">public</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">bool</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> Verify( </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">string</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> clrPassword, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">decimal</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> memberId, </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">IDataProvider</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> db )<br> </span></span>{<br> &nbsp; <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Identity</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> id&nbsp;&nbsp; = db.Identity.First( i =&gt; i.Id == memberId );<br> </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">&nbsp;Salt</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">&nbsp;&nbsp;&nbsp;&nbsp; salt = </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">null</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">;<br> &nbsp;</span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">if</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> ( db.Salt.Count() != 0 &amp;&amp; id.SaltIndex != 0 )<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; salt = db.Salt.FirstOrDefault( s =&gt; s.Id == id.Id );<br> <br> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;if</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">( salt == </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">null</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> )<br> </span></span>&nbsp; {<br> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp; byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] SaltStr;<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; id.EncPassword = <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Utility</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">.Encode( id.Password, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">out</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> SaltStr );<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp; long</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> count = db.Salt.Count() &#43; 1;<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; id.SaltIndex = count;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; id.Password = <span face="Consolas" size="2" color="#a31515" style="color:#a31515; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#a31515" style="color:#a31515; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#a31515" style="color:#a31515; font-family:Consolas; font-size:small">&quot;&quot;</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">;<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; salt = <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">new</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Salt</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">( (</span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">decimal</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">) count, id.Id, SaltStr, db );<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; db.Identity.SqlQuery( <span face="Consolas" size="2" color="#a31515" style="color:#a31515; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#a31515" style="color:#a31515; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#a31515" style="color:#a31515; font-family:Consolas; font-size:small">&quot;Update [Identity] set [EncPassword] = @EncPassord, [Pasword] = @Password, [SaltIndex] = SaltIndex Where [Id] = @Id&quot;</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">new</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> { id.EncPassword, id.Password, id.SaltIndex, id.Id } );<br> </span></span>&nbsp; }<br> <br> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Utility</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">.ValidatePassword( clrPassword, id.SaltIndex, id.EncPassword, db );<br> </span></span>}</p> <p>Utility class methods:<br> <br> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">public</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">static</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] Encode( </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">string</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> password, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">out</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] salt )<br> </span></span>{<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Rfc2898DeriveBytes</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> rdb = </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">new</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Rfc2898DeriveBytes</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">( password, 128, 10000 );<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; salt = rdb.Salt;<br> &nbsp; &nbsp;&nbsp;&nbsp;&nbsp;<span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> rdb.GetBytes( 128 );<br> </span></span>}</p> <p><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">public</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">static</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">bool</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> ValidatePassword( </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">string</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> password, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">decimal</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> saltIndex, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] encPassword, </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">IDataProvider</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> db )<br> </span></span>{<br> <span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">&nbsp;&nbsp;&nbsp;Rfc2898DeriveBytes</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> rdb;<br> &nbsp;&nbsp;&nbsp;</span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">var</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> salt = db.Salt.FirstOrDefault( s =&gt; s.Id == saltIndex );<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp; if</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> ( salt == </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">null</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> )<br> &nbsp;&nbsp;&nbsp;</span></span>{<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">false</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">;<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br> <br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rdb = <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">new</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Rfc2898DeriveBytes</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">( password, salt.SaltStr, 10000 );<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp; byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] passwordEnc = rdb.GetBytes( 128 );<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp; return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#2b91af" style="color:#2b91af; font-family:Consolas; font-size:small">Utility</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">.isSameByteArray( encPassword, passwordEnc );<br> </span></span>}</p> <p><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">private</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">static</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">bool</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> isSameByteArray( </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] a, </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">byte</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">[] b )<br> </span></span>{<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">if</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> ( a.Length != b.Length )<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">false</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">;<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp; for</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> ( </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">int</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> i = 0; i &lt; a.Length; &#43;&#43;i )<br> &nbsp;&nbsp;&nbsp;</span></span>{<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">if</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> ( a[ i ] != b[ i ] )<br> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">false</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">;<br> </span></span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"> <span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">return</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"> </span></span><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small"><span face="Consolas" size="2" color="#0000ff" style="color:#0000ff; font-family:Consolas; font-size:small">true</span></span></span><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small">;<br> </span></span>}</p> <p>I use Utility.Encode( string password, out byte[] salt ) to generate the hashes.</p> <p>But beware, I'm having the same issue you have, when&nbsp;a new password is hashed the user is unable to log in!</p> <p>&nbsp;</p> <p><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"><span face="Consolas" size="2" style="font-family:Consolas; font-size:small"></span></span></span></span></p> 2012-03-11T19:16:30-04:004895989http://forums.asp.net/p/1778845/4895989.aspx/1?Re+Unable+to+login+using+the+password+generated+by+Asp+Net+4+Membership+Provider+Reset+Password <p>Finally, I've found the root cause for the problem and obviously solution.</p> <p>This situation was raised because of the mismatch of hashAlogorithmType used in the application. The default hashAlgorithmType in ASP.NET 4 is &quot;HMACSHA256&quot;. Initially, when I added an admin account to the database using the ASP.Net configuration tool, it hashed the password with &quot;SHA1&quot; hashing algorithm. When I tried to reset the password using the ASP.NET Membership API, it was successfully reset the password. But using the default hashing algorithm &quot;HMACSHA256&quot;.</p> <p>That made me crazy when I tried to login using the new password generated by API.</p> <p>Finally I've added the below code line and set the break point just before calling the API's reset method.</p> <p>var hashAlgorithmType = Membership.HashAlgorithmType;<br> my complete code looks like below</p> <pre class="prettyprint">MembershipUser user = Membership.GetUser(userName); if (user == null) throw new DataNotFoundException(&quot;Invalid User.&quot;); string newPassword = string.Empty(); var isUnlock = user.UnlockUser(); var hashAlgorithmType = Membership.HashAlgorithmType; if(isUnlock) newPassword=user.ResetPassword(); return newPassword;</pre> <p><br> It has given me the hint about the default hashing algorithm using by the API.</p> <p>then I've added an attribute to tag in web.config like below</p> <p>&lt;membership hashAlgorithmType=&quot;SHA1&quot;&gt;</p> <p><br> and tried again with resetting the password and login using the generated password.</p> <p>Wow! it's working.</p> 2012-03-23T15:15:41-04:00