How can I use the same encryption that asp.net mvc4 uses?

Question

Yes hashing is better but...

So I knew I would regret this but here we go. I started a new project and decided I would use the built-in Microsoft membership stuff in MVC 4 (BasicMembership) so that I didn't have to write the registration, login, oauth, etc...

Now I want to modify some of this behavior and use as much best practice as possible. This came about because I decided I would need to associate multiple users under 1 parent (company) - I know I can do all of the work in the controller and still accomplish this, but that is not my desire.

Here is my problem/desire:

1.) I want to create the entries in SQL tables UserProfile/WebPages_Membership myself. I want to do this in my repository and I don't want it to be coupled to ASP.NET. The problem is that MVC is encrypting the password via IMembershipAdapter that I do not have access to. How can I use the same encryption key to encrypt the data so that I can accomplish #2?

2.) I dont want to re-invent the wheel entirely so I would still like to use some of the features such as:

WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe)

3.) I don't want my business logic in the controller! While I am working at the repo level, all of the orchestration will take place in the business tier.

Thanks for taking the time to read my post :-)

Answer 1

First of all did you look at: ASP.NET MembershipProvider -- How exactly does it do encryption?

Second thig maybe use something already done like: CodeFirst Membership Provider it allows you to create own tables using EF code first.