12.6. Changing Password Formats

When you configure SqlMembershipProvider, you have the option of storing passwords in cleartext, as hashed values, or as encrypted values. By default, the provider will use SHA1 hashing with a random 16-byte salt value. As mentioned in the Membership chapter, you can change the hashing algorithm by defining a different algorithm in the hashAlgorithmType configuration attribute on the <membership /> element. If you choose encrypted passwords, the provider by default uses whatever is configured for encryption on the <machineKey /> element. The default algorithm for <machineKey /> is AES, although you can change this to 3DES instead with the "decryption" attribute.

If you choose to use encrypted passwords with SqlMembershipProvider, then you must explicitly provide a value for the decryptionKey attribute on <machineKey />. If you were allowed to encrypt with the <machineKey /> default of AutoGenerate,IsolateApps, your passwords could become undecryptable: there would be no way to decrypt passwords across a web farm, because each machine generates its own key, and whenever the Framework is upgraded or installed on a machine, the auto-generated machine keys are regenerated. Overall, the danger of leading developers into a dead end with encryption was so great that the provider now requires you to explicitly supply the decryption key for <machineKey />.
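As an added illustration (not an excerpt from the book or from the provider's own samples), the two web.config fragments below contrast the auto-generated <machineKey /> that the text warns against with an explicit key that every server in a farm can share. The provider name, connection string name and key values are placeholders to replace with your own.

```xml
<!-- Added example, not from the book. Placeholder values are marked REPLACE-... -->

<!-- REJECTED CONFIGURATION: passwordFormat="Encrypted" while <machineKey />
     keeps the AutoGenerate,IsolateApps default. Each server in a farm gets its
     own key and the key is regenerated when the Framework is reinstalled, so
     stored passwords would become undecryptable; the provider refuses to start
     with this combination and demands an explicit decryptionKey. -->
<system.web>
  <machineKey validationKey="AutoGenerate,IsolateApps"
              decryptionKey="AutoGenerate,IsolateApps"
              validation="SHA1"
              decryption="AES" />
  <membership defaultProvider="SqlProvider">
    <providers>
      <clear />
      <add name="SqlProvider"
           type="System.Web.Security.SqlMembershipProvider"
           connectionStringName="MembershipDb"
           passwordFormat="Encrypted" />
    </providers>
  </membership>
</system.web>

<!-- CORRECTED CONFIGURATION: explicit keys, identical on every server in the
     farm and kept outside source control. decryption="AES" is the default and is
     spelled out here so that the choice (AES rather than 3DES) is visible. -->
<system.web>
  <machineKey validationKey="REPLACE-WITH-128-HEX-CHARS-RANDOM-VALIDATION-KEY"
              decryptionKey="REPLACE-WITH-64-HEX-CHARS-RANDOM-DECRYPTION-KEY"
              validation="SHA1"
              decryption="AES" />
  <!-- hashAlgorithmType only matters for passwordFormat="Hashed"; it is shown
       here because the same <membership /> element carries both settings. -->
  <membership defaultProvider="SqlProvider" hashAlgorithmType="SHA1">
    <providers>
      <clear />
      <add name="SqlProvider"
           type="System.Web.Security.SqlMembershipProvider"
           connectionStringName="MembershipDb"
           passwordFormat="Encrypted" />
    </providers>
  </membership>
</system.web>
```

Generate the key values from a cryptographic random source (the RNGCryptoServiceProvider class in the .NET Framework, for example) rather than typing them by hand, and treat the decryptionKey like any other secret that unlocks every stored password.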

Normally, you set the passwordFormat configuration attribute on the provider just once. However, some confusion can arise ...
