Topics: ASP.NET 2.0
Jul 27, 2009 at 10:08 PM

If I have passwords set to hashed in the web.config, is it possible to change it to clear and still use the passwords that were hashed or would they be unusable?


Thank you.

Jul 28, 2009 at 7:16 AM

Unfortunately, they can't be unhashed.  So if you change it from Hash to Clear, then when you try to login, the clear text password will be compared to the pre-existing hashed password ... which will of course result in a non-match.