Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

FormsAuthentication.HashPasswordForStoringInConfigFile Method

Note: This API is now obsolete.

Produces a hash password suitable for storing in a configuration file based on the specified password and hash algorithm.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

[<ObsoleteAttribute("The recommended alternative is to use the Membership APIs, such as Membership.CreateUser. For more information, see http://go.microsoft.com/fwlink/?LinkId=252463.")>]
static member HashPasswordForStoringInConfigFile : 
        password:string * 
        passwordFormat:string -> string

Parameters

password
Type: System.String

The password to hash.

passwordFormat
Type: System.String

The hash algorithm to use. passwordFormat is a String that represents one of the FormsAuthPasswordFormat enumeration values.

Return Value

Type: System.String
The hashed password.

ExceptionCondition
ArgumentNullException

password is a null reference (Nothing in Visual Basic)

-or-

passwordFormat is a null reference (Nothing in Visual Basic).

ArgumentException

passwordFormat is not a valid FormsAuthPasswordFormat value.

The HashPasswordForStoringInConfigFile method creates a hashed password value that can be used when storing forms-authentication credentials in the configuration file for an application.

Authentication credentials stored in the configuration file for an application are used by the Authenticate method to verify passwords for users of an application. Alternatively, you can use ASP.NET membership to store user credentials. For more information, see Managing Users by Using Membership.

The following code example takes a user name, password, and hash type and displays the credentials section of the configuration that includes the user definition and hashed password.

Security noteSecurity Note

This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

No code example is currently available or this language may not be supported.

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1
Obsolete (compiler warning) in 4.6
Obsolete (compiler warning) in 4.6
Obsolete (compiler warning) in 4.5
Obsolete (compiler warning) in 4.5.1
Obsolete (compiler warning) in 4.5.2
Show:
© 2015 Microsoft