Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C# ASP.NET
Hi All,
 
I have developed one log in page and registration page, and forget password page. I have given option to "forget password". If i click forget password link button i have given option "Enter Email ID" if that email id is already existing then only password send's to that email id. I am sending details "User name and Password". Password is sending to mail like "System.Byte[]". While i am sending details i need to decrypt the password. How to do that?
Guide me to resolve the issue.
 

using System;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
using System.Net.Mail;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Text;
using Chirravuri;
 
namespace HIMS.web
{
  public partial class ForgotPassword : System.Web.UI.Page
  {
    protected void Page_Load(object sender, EventArgs e)
    {
 
    }
 
    protected void btnPass_Click(object sender, EventArgs e)
    {
       
//Create Connection String And SQL Statement     
      string ConnectionString = ConfigurationManager.AppSettings["HIMSRMConnectionString"].ToString();
      string strSelect = "SELECT UserName,Password FROM Users WHERE Email = @Email";
      //string strSelect =(@"select Password , convert(varchar(50), DECRYPTBYPASSPHRASE ('12',password )) AS PWD from Users where UserName=@UserName and Password=@Password", ConnectionString);
              
    SqlConnection connection = new SqlConnection(ConnectionString);
    SqlCommand command = new SqlCommand();
    command.Connection = connection;
    command.CommandType = CommandType.Text;
    command.CommandText = strSelect;
 
    SqlParameter email = new SqlParameter("@Email", SqlDbType.VarChar, 50);
    email.Value = txtEmail.Text.Trim().ToString();
    command.Parameters.Add(email);
        
    //Create Dataset to store results and DataAdapter to fill Dataset 
    DataSet dsPwd = new DataSet();
    SqlDataAdapter dAdapter = new SqlDataAdapter(command);
    connection.Open();
    dAdapter.Fill(dsPwd);
    connection.Close();
    if(dsPwd.Tables[0].Rows.Count > 0 )
    {
      MailMessage loginInfo = new MailMessage();
      loginInfo.To.Add(txtEmail.Text.ToString());
      loginInfo.From = new MailAddress("YourID@gmail.com");
      loginInfo.Subject = "Forgot Password Information";
      loginInfo.Body = "Username: " + dsPwd.Tables[0].Rows[0]["UserName"] + "<br /><br />Password: " + dsPwd.Tables[0].Rows[0]["Password"] + "<br /><br />";
      loginInfo.IsBodyHtml = true;
      SmtpClient smtp = new SmtpClient();
      smtp.Host = "smtp.gmail.com"; 
      smtp.Port = 587;
      smtp.EnableSsl = true;
      smtp.Credentials = new System.Net.NetworkCredential("Email@id", "Password");
      smtp.Send(loginInfo);       
      lblMessage.Text = "Password is sent to you Email ID,you can Login Now <a href='Login.aspx'>Login</a>";
        
    }
    else
    {
      lblMessage.Text = "Email Address Not Registered";
    }
     
  }
      
  }
 }
 
I need to decrypt and send that password to particular email id.
Posted 2-Jul-12 19:47pm
Edited 2-Jul-12 19:49pm
v2
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Normally, if the password is encrypted and when we click on forgot password we always generate a new password and update in the table and send a email on the respective email ID.
 
2nd option, use reverse engineering to get the password. i.e you will be having encrypt algo with you. Just reverse it. It will decrypt the password.
This will work only if the password is not encrypted with the non-reversible algo (like MD5 Algo).
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

don't do it that way ...
 
If they have forgotten their password, simply reset it to random alpha-numeric string, and send that to them ... I assume you have a page that allows them to change their password
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

When you get the password from database, as you said it comes as System.Byte[] array. Store that value into a variable then convert into string.
 
System.Byte[] array = (System.Byte)dsPwd.Tables[0].Rows[0]["Password"];
string password = ASCIIEncoding.ASCII.GetString(array);
// Your Further code..
  Permalink  
Comments
Kmurali Krishna at 3-Jul-12 1:40am
   
Yesterday i tried same concept but getting same issue.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 304
1 Sergey Alexandrovich Kryukov 295
2 Shweta N Mishra 216
3 Maciej Los 210
4 PIEBALDconsult 184
0 OriginalGriff 7,630
1 Sergey Alexandrovich Kryukov 7,022
2 DamithSL 5,586
3 Manas Bhardwaj 4,946
4 Maciej Los 4,525


Advertise | Privacy | Mobile
Web04 | 2.8.1411023.1 | Last Updated 3 Jul 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100