Export (0) Print
Expand All
1 out of 9 rated this helpful - Rate this topic

FormsAuthentication.HashPasswordForStoringInConfigFile Method

Given a password and a string identifying the hash type, this routine produces a hash password suitable for storing in a configuration file.

[Visual Basic]
Public Shared Function HashPasswordForStoringInConfigFile( _
   ByVal password As String, _
   ByVal passwordFormat As String _
) As String
[C#]
public static string HashPasswordForStoringInConfigFile(
 string password,
 string passwordFormat
);
[C++]
public: static String* HashPasswordForStoringInConfigFile(
 String* password,
 String* passwordFormat
);
[JScript]
public static function HashPasswordForStoringInConfigFile(
   password : String,
 passwordFormat : String
) : String;

Parameters

password
The password to hash.
passwordFormat
The hash algorithm to use. Choices are "sha1" or "md5".

Return Value

Returns a String containing a hashed password.

Remarks

Password algorithms supported are SHA1 and MD5.

Example

[Visual Basic] 
<%@ Page Language="VB" autoeventwireup="true" %>
<html>
   <head>
      <script runat="server">
         Sub Cancel_Click(sender as Object, e as EventArgs )
            userName.Text = ""
            password.Text = ""
            repeatPassword.Text = ""
            result.Text = ""
         End Sub
    
         Sub HashPassword_Click(sender as Object, e as EventArgs)
            If Page.IsValid Then
               Dim hashMethod As String
               If sha1.Checked Then
                  hashMethod = "SHA1"
               Else
                  hashMethod = "MD5"
               End If
    
               Dim hashedPassword As String
           hashedPassword = _
                  FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod)
    
               result.Text = "&lt;credentials passwordFormat='" + hashMethod + "'&gt;<br>" + _
                  "&nbsp;&nbsp;&nbsp;&lt;user name='" + userName.Text + "' password='" + _
                  hashedPassword + "'&gt;<br>" + "&lt;/credentials&gt;"
            Else
               result.Text = "There was an error on the page."
            End If
         End Sub
      </script>
   </head>

   <body>
      <form runat="server">
         <p>This form displays the results of the FormsAuthentication.HashPasswordForStoringInConfigFile
         method.<br>The user name and hashed password can be stored in a &lt;credentials&gt; node
         in the Web.config file.</p>
         <table>
            <tbody>
               <tr>
                  <td>New User Name:</td>
                  <td><asp:TextBox id="userName" runat="server"></asp:TextBox></td>
                  <td><asp:RequiredFieldValidator id="userNameRequiredValidator" runat="server" 
                     ErrorMessage="User name required" ControlToValidate="userName"></asp:RequiredFieldValidator></td>
               </tr>
               <tr>
                  <td>Password: </td>
                  <td><asp:TextBox id="password" runat="server" TextMode="Password"></asp:TextBox></td>
                  <td><asp:RequiredFieldValidator id="passwordRequiredValidator" runat="server" 
                     ErrorMessage="Password required" ControlToValidate="password"></asp:RequiredFieldValidator></td>
               </tr>
               <tr>
                  <td>Repeat Password: </td>
                  <td><asp:TextBox id="repeatPassword" runat="server" TextMode="Password"></asp:TextBox></td>
                  <td><asp:CompareValidator id="passwordCompareValidator" runat="server" 
                     ErrorMessage="Password does not match" ControlToValidate="repeatPassword" 
                     ControlToCompare="password"></asp:CompareValidator></td>
               </tr>
               <tr>
                  <td>Hash function: </td>
                  <td align="middle"><asp:RadioButton id="sha1" runat="server" GroupName="HashType" 
                     Text="SHA1"></asp:RadioButton>
                  <asp:RadioButton id="md5" runat="server" GroupName="HashType" Text="MD5"></asp:RadioButton></td>
               </tr>
               <tr>
                  <td align="middle" colspan="2">
                  <asp:Button id="hashPassword" onclick="HashPassword_Click" runat="server" Text="Hash Password">
                  </asp:Button>&nbsp;&nbsp; 
                  <asp:Button id="cancel" onclick="Cancel_Click" runat="server" Text="Cancel" CausesValidation="false">
                  </asp:Button></td>
               </tr>
            </tbody>
         </table>
         <p><asp:Label id="result" runat="server"></asp:Label></p>
      </form>
   </body>
</html>

[C#] 
<%@ Page Language="C#" autoeventwireup="true" %>
<html>
   <head>
      <script runat="server">
         void Cancel_Click(object sender, EventArgs e)
         {
            userName.Text = "";
            password.Text = "";
            repeatPassword.Text = "";
            result.Text = "";
         }
    
         void HashPassword_Click(object sender, EventArgs e)
         {
            if (Page.IsValid)
            {
               string hashMethod = "";
               if (sha1.Checked)
               {
                  hashMethod = "SHA1";
               }
               else
               {
                  hashMethod = "MD5";
               }
    
               string hashedPassword =
                  FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod);
    
               result.Text="&lt;credentials passwordFormat=\"" + hashMethod +"\"&gt;<br>" +
                  "&nbsp;&nbsp;&nbsp;&lt;user name=\"" + userName.Text + "\" password=\"" +
                  hashedPassword + "\"&gt;<br>" + "&lt;/credentials&gt;";
            }
            else
            {
               result.Text = "There was an error on the page.";
            }
         }
      </script>
   </head>

   <body>
      <form runat="server">
         <p>This form displays the results of the FormsAuthentication.HashPasswordForStoringInConfigFile
         method.<br>The user name and hashed password can be stored in a &lt;credentials&gt; node
         in the Web.config file.</p>
         <table>
            <tbody>
               <tr>
                  <td>New User Name:</td>
                  <td><asp:TextBox id="userName" runat="server"></asp:TextBox></td>
                  <td><asp:RequiredFieldValidator id="userNameRequiredValidator" runat="server" 
                     ErrorMessage="User name required" ControlToValidate="userName"></asp:RequiredFieldValidator></td>
               </tr>
               <tr>
                  <td>Password: </td>
                  <td><asp:TextBox id="password" runat="server" TextMode="Password"></asp:TextBox></td>
                  <td><asp:RequiredFieldValidator id="passwordRequiredValidator" runat="server" 
                     ErrorMessage="Password required" ControlToValidate="password"></asp:RequiredFieldValidator></td>
               </tr>
               <tr>
                  <td>Repeat Password: </td>
                  <td><asp:TextBox id="repeatPassword" runat="server" TextMode="Password"></asp:TextBox></td>
                  <td><asp:CompareValidator id="passwordCompareValidator" runat="server" 
                     ErrorMessage="Password does not match" ControlToValidate="repeatPassword" 
                     ControlToCompare="password"></asp:CompareValidator></td>
               </tr>
               <tr>
                  <td>Hash function: </td>
                  <td align="middle"><asp:RadioButton id="sha1" runat="server" GroupName="HashType" 
                     Text="SHA1"></asp:RadioButton>
                  <asp:RadioButton id="md5" runat="server" GroupName="HashType" Text="MD5"></asp:RadioButton></td>
               </tr>
               <tr>
                  <td align="middle" colspan="2">
                  <asp:Button id="hashPassword" onclick="HashPassword_Click" runat="server" Text="Hash Password">
                  </asp:Button>&nbsp;&nbsp; 
                  <asp:Button id="cancel" onclick="Cancel_Click" runat="server" Text="Cancel" CausesValidation="false">
                  </asp:Button></td>
               </tr>
            </tbody>
         </table>
         <p><asp:Label id="result" runat="server"></asp:Label></p>
      </form>
   </body>
</html>

[C++, JScript] No example is available for C++ or JScript. To view a Visual Basic or C# example, click the Language Filter button Language Filter in the upper-left corner of the page.

Requirements

Platforms: Windows 2000, Windows XP Professional, Windows Server 2003 family

See Also

FormsAuthentication Class | FormsAuthentication Members | System.Web.Security Namespace

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.