Passwords, hashed and clear?

Topics: ASP.NET 2.0, Business Logic Layer, Controls, Themes
Sep 21, 2009 at 6:06 PM
Edited Sep 21, 2009 at 6:06 PM

I currently have passwords set to hashed and am using VistaDB Express, my question is

 

If I set the passwords to clear and change all the passwords of the users to their know club membership number, will they be able to login and and change their passwords if desired, or would all the users have to be reentered again?

Thank you.

 

Coordinator
Sep 21, 2009 at 8:54 PM

That should work -- manually change their password to a clear text password (a membership number), and change the 'passwordFormat' in the web.config to 'clear'.

If you first make a backup of the DB, then you can test it without fear of losing anything.

Also, after you set their passwords, you might want to re-start the blog just in case their old passwords are cached in memory.  Making any change to the web.config file will restart the blog.

Sep 22, 2009 at 2:16 PM

Thank you, yes it seems to be working.

I downloaded my latest database from the server and backed it up, deleted all the passwords, entered some new membership numbers, changed the web.config to clear and tested it locally and was able to login with several accounts.

I am now in the process of cutting and pasting passwords, I have about 350 accounts to change and then update as the database is changing with new accounts daily.

This way I will be able to retrieve lost and forgotten passwords easily.

Thanks again for our help.