Password Formats

Return to previous page

  • 4/7/2015
  • 2398 Views

Comments

2398 Views

Password Formats

Last updated 4 years ago

Comments

Common

(Enter the content of this article below)

Advanced

 

Background

Since version 3.0 DotNetNuke's user membership is built upon (and extended from) Microsofts MembershipProvider classes that ship with asp.net.

These handle the storage and retrieval of user specific information, as well as the user's passwords. Version 3.0 and above shipped with encrypted passwords set by default, but version 7.1.0 changes to hashed passwords. Users can elects to change the default by editing the following value in web.config

passwordFormat="[Clear|Hashed|Encrypted]"

PasswordFormat values

The PasswordFormat property indicates the format that passwords are stored in. Passwords can be stored in Clear, Encrypted, and Hashed password formats. Clear passwords are stored in plain text, which improves the performance of password storage and retrieval but is less secure, as passwords are easily read if your data source is compromised. Encrypted passwords are encrypted when stored and can be decrypted for password comparison or password retrieval. This requires additional processing for password storage and retrieval, but is more secure, as passwords are not easily determined if the data source is compromised. Hashed passwords are hashed using a one-way hash algorithm and a randomly generated salt value when stored in the database. When a password is validated, it is hashed with the salt value in the database for verification. Hashed passwords cannot be retrieved.
Contents
No sections defined

DNN Digest is our monthly email newsletter. It highlights news and content from around the DNN ecosystem, such as new modules and themes, messages from leadership, blog posts and notable tweets. Keep your finger on the pulse of the ecosystem by subscribing.  


Copyright 2017 by DNN Corp Terms of Use Privacy
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out