i'm trying convert vs2010 web site vs2015 web application (c#). latest issue i've run vs2015 requires sha1 or hmacsha256,384,512. old site, , used 3des. uses .net 2.0 membership encrypted passwords. i've read says .net membership uses machine key encryption when has encrypted passwords. know need switch hashed passwords, , on list of items do.
when using <machinekey compatibilitymode="framework45" /> or machinekey.protect , machinekey.unprotect apis, 'validation' attribute must 1 of these values: sha1, hmacsha256, hmacsha384, hmacsha512, or alg:[keyedhashalgorithm] the issue can't seem login after has changed. assume it's because validation using different algorithm, , no match found.
is there anyway retain validation without having decrypt every password , hash or reencrypt it? or should convert passwords hashed avoid this? or there option?
ok. turns out there compatibility mode seems work , allow me not change encryption. have add compatibilitymode="framework20sp2" machinekey in web.config follows:
<machinekey compatibilitymode="framework20sp2" validationkey="..." decryptionkey="..." validation="3des" /> hope helps else runs this.
Comments
Post a Comment