Convert ASP.NET Membership Passwords from Encrypted to Hashed

Question

I\'ve developed a website that uses ASP.NET membership. Based on comments from previous sites, I decided to encrypt passwords so they could be recovered for users who forgot the

Answer 1

IMHO, Greg's response (and the associated comments) on your previous question (Changing passwordFormat from Encrypted to Hashed) is the way to go. Essentially, you want to:

1. Add a hashed membership provider
2. Loop through all of the encrypted password users,
3. For each one decrypt the password, create the hash, store it, delete the encrypted version from the database, and move on.

When you are done, all of the encrypted password users should be converted to hashed.