Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Wayne 7 posts 27 karma points
    Aug 20, 2009 @ 16:16
    Wayne
    0

    umbraco.library.md5 is not encrypting the password correctly

    The code that i am using is below. It does not seem to encrypt the password correctly as when i try to login again it says the password is incorrect.

    currentMember.ChangePassword(umbraco.library.md5(txtPassword1.Text));

    Copy Link
  • Chris Larson 48 posts 62 karma points
    Aug 20, 2009 @ 16:28
    Chris Larson
    1

    That will acutally cause the password to be encrypted twice. Try this technique instead.

     

    Member m = Member.GetMemberFromEmail(email);
    string password = txrPassword1.text;
    m    .Password = password;

    The member.password method encrypts the password based on the settings in web.config at this line:

     

    <add name="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="User" requiresUniqueEmail="true" passwordFormat="hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" />

    Hope that helps.

     

     

    Copy Link
  • Aaron Powell 1708 posts 3044 karma points c-trib
    Aug 21, 2009 @ 04:00
    Aaron Powell
    0

    Actually Chris if you're using Umbraco 4 the supported method is like this:

    var member = System.Web.Security.Membership.GetUser(); // returns current user, there are overloads for accessing via other info
    member.ChangePassword(member.GetPassword(), txtPassword1.Text);

    In 4.1 you'll find basically all of the members in the umbraco.businesslogic.member.Member class obsoleted as people should be using the ASP.NET Membership Provider classes.

    @Wayne - and by doing this you ensure that you use the encryption method configured in the web.config

    Copy Link

  • This forum is in read-only mode while we transition to the new forum.

    You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies