Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: ASP.NET
I use Machine Key for Encrypt my Password in membership. How can I decrypt it?
 
I user this Machine key in web.config
 

 
<machinekey>
validationKey="56AB7132992003EE87F74AE4D9675D65EED8018D3528C0B8874905B51940DEAF6B85F1D922D19AB8F69781B2326A2F978A064708822FD8C54ED74CADF8592E17"
decryptionKey="A69D80B92A16DFE1698DFE86D4CED630FA56D7C1661C8D05744449889B88E8DC"
validation="SHA1" decryption="AES"/></machinekey>
Posted 6-Feb-13 20:00pm
Edited 6-Feb-13 20:09pm
v2
Comments
Abhishek Pant at 7-Feb-13 2:12am
   
http://stackoverflow.com/questions/4091110/maintain-asp-net-membership-passwords-during-machine-key-change
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

You should never make a password decryptable, but rather you should always use a hash of the password.
When a user logs in, you simply hash their password and then compare the hashes, but this should be a one-way process where decryption cannot happen.
This tip shows very well how to do this: Password Storage: How to do it.[^]
  Permalink  
v2
Comments
Espen Harlinn at 15-Feb-13 9:52am
   
5'ed!
Marcus Kramer at 15-Feb-13 9:55am
   
Thanks, Espen.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

HI,
 
Here is a solution that you can use for the decription of password.
 
/// <summary>
       /// This function is  used for the decription of the password.
       /// </summary>
       /// <param name="stringToDecrypt"></param>
       /// <returns></returns>
        public static string Decrypt(string stringToDecrypt)
        {
            MemoryStream ms = null;
            byte[] inputByteArray = new byte[stringToDecrypt.Length + 1];
            try
            {
                byte[] key = { };
                string sEncryptionKey = "!#$a54?3";
                byte[] IV = { 18, 52, 86, 120, 144, 171, 205, 239 };
 
                key = Encoding.UTF8.GetBytes(sEncryptionKey);
                DESCryptoServiceProvider des = new DESCryptoServiceProvider();
                inputByteArray = Convert.FromBase64String(stringToDecrypt);
                ms = new MemoryStream();
                CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(key, IV), CryptoStreamMode.Write);
                cs.Write(inputByteArray, 0, inputByteArray.Length);
                cs.FlushFinalBlock();
                System.Text.Encoding encoding = System.Text.Encoding.UTF8;
                return encoding.GetString(ms.ToArray());
            }
            catch (Exception e)
            {
                return e.Message;
            }
            finally
            {
                ms = null;
            }
        }
 

For encription use the following:
 
/// <summary>
        /// This function is  used for the encription of the password.
        /// </summary>
        /// <param name="stringToEncrypt">String to encript</param>
        /// <returns></returns>
        public static string Encrypt(string stringToEncrypt)
        {
            MemoryStream ms = null;
            try
            {
                byte[] key = { };
                string sEncryptionKey = "!#$a54?3";
                byte[] IV = { 18, 52, 86, 120, 144, 171, 205, 239 };
                key = Encoding.UTF8.GetBytes(sEncryptionKey);
                DESCryptoServiceProvider des = new DESCryptoServiceProvider();
                byte[] inputByteArray = Encoding.UTF8.GetBytes(stringToEncrypt);
                ms = new MemoryStream();
                CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(key, IV), CryptoStreamMode.Write);
                cs.Write(inputByteArray, 0, inputByteArray.Length);
                cs.FlushFinalBlock();
                return Convert.ToBase64String(ms.ToArray());
            }
            catch (Exception e)
            {
                return e.Message;
            }
            finally
            {
                ms = null;
            }
        }
 
Thanks
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web04 | 2.8.141022.2 | Last Updated 11 Feb 2013
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100