CODEWITHSUNDEEP
c#htmlasp.netencryption
Baiju Christadima
Baiju Christadima

Reputation: 23

how to Decrypt password in c#

I want to decrypt password in C# I am using the below code.

public class NetFourMembershipProvider : SqlMembershipProvider
{

public string GetClearTextPassword(string encryptedPwd)
{

    try
    {
        byte[] encodedPassword = Convert.FromBase64String(encryptedPwd);
        byte[] bytes = this.DecryptPassword(encodedPassword);
        if (bytes == null)
        {
            return null;
        }

        return Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10);
    }
    catch (Exception)
    {

        throw;
    }

   }

}

And my web config file is

<configuration>
<system.web>
<machineKey validationKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"        decryptionKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" decryption="3DES"   validation="SHA1" />

<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15">
  <providers>
    <clear />
    <add name="AspNetSqlMembershipProvider"
    type="System.Web.Security.SqlMembershipProvider"
    connectionStringName="SiteSqlServer" enablePasswordRetrieval="true"
    enablePasswordReset="true" requiresQuestionAndAnswer="false"
    minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0"
    requiresUniqueEmail="false"
    passwordFormat="Encrypted"
    applicationName="DotNetNuke"
    description="Stores and retrieves ......." />
  </providers>
</membership>
<compilation debug="true" targetFramework="4.0" />
</system.web>

At this line byte[] bytes=this.DecryptPassword(encodedPassword); I am getting the below error message.

You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key.

How can I convert passwords.

Please help me.

Note:- The validationkey is 40 characters and decryptionKey is a 48 charectors long data.

Thanks in Advance

Upvotes: 0

Views: 2436

Answers (1)

Viru
Viru

Reputation: 2246

Rather trying to decrypt the password. Store the encrypted password in database...and when you want to validate password use encrypted password entered by user and compare it to encrypted password stored in DB.

Generally alogorithms like SHA or MD5 is used to perform hashing on entered password..Actually, Hashing and Encryption is two different thing.In this case, Hashing is used.

Upvotes: 4

Related Questions