This documentation is archived and is not being maintained.
FormsAuthentication.HashPasswordForStoringInConfigFile Method
.NET Framework 1.1
Given a password and a string identifying the hash type, this routine produces a hash password suitable for storing in a configuration file.
[Visual Basic] Public Shared Function HashPasswordForStoringInConfigFile( _ ByVal password As String, _ ByVal passwordFormat As String _ ) As String [C#] public static string HashPasswordForStoringInConfigFile( string password, string passwordFormat ); [C++] public: static String* HashPasswordForStoringInConfigFile( String* password, String* passwordFormat ); [JScript] public static function HashPasswordForStoringInConfigFile( password : String, passwordFormat : String ) : String;
Parameters
- password
- The password to hash.
- passwordFormat
- The hash algorithm to use. Choices are "sha1" or "md5".
Return Value
Returns a String containing a hashed password.
Remarks
Password algorithms supported are SHA1 and MD5.
Example
[Visual Basic] <%@ Page Language="VB" autoeventwireup="true" %> <html> <head> <script runat="server"> Sub Cancel_Click(sender as Object, e as EventArgs ) userName.Text = "" password.Text = "" repeatPassword.Text = "" result.Text = "" End Sub Sub HashPassword_Click(sender as Object, e as EventArgs) If Page.IsValid Then Dim hashMethod As String If sha1.Checked Then hashMethod = "SHA1" Else hashMethod = "MD5" End If Dim hashedPassword As String hashedPassword = _ FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod) result.Text = "<credentials passwordFormat='" + hashMethod + "'><br>" + _ " <user name='" + userName.Text + "' password='" + _ hashedPassword + "'><br>" + "</credentials>" Else result.Text = "There was an error on the page." End If End Sub </script> </head> <body> <form runat="server"> <p>This form displays the results of the FormsAuthentication.HashPasswordForStoringInConfigFile method.<br>The user name and hashed password can be stored in a <credentials> node in the Web.config file.</p> <table> <tbody> <tr> <td>New User Name:</td> <td><asp:TextBox id="userName" runat="server"></asp:TextBox></td> <td><asp:RequiredFieldValidator id="userNameRequiredValidator" runat="server" ErrorMessage="User name required" ControlToValidate="userName"></asp:RequiredFieldValidator></td> </tr> <tr> <td>Password: </td> <td><asp:TextBox id="password" runat="server" TextMode="Password"></asp:TextBox></td> <td><asp:RequiredFieldValidator id="passwordRequiredValidator" runat="server" ErrorMessage="Password required" ControlToValidate="password"></asp:RequiredFieldValidator></td> </tr> <tr> <td>Repeat Password: </td> <td><asp:TextBox id="repeatPassword" runat="server" TextMode="Password"></asp:TextBox></td> <td><asp:CompareValidator id="passwordCompareValidator" runat="server" ErrorMessage="Password does not match" ControlToValidate="repeatPassword" ControlToCompare="password"></asp:CompareValidator></td> </tr> <tr> <td>Hash function: </td> <td align="middle"><asp:RadioButton id="sha1" runat="server" GroupName="HashType" Text="SHA1"></asp:RadioButton> <asp:RadioButton id="md5" runat="server" GroupName="HashType" Text="MD5"></asp:RadioButton></td> </tr> <tr> <td align="middle" colspan="2"> <asp:Button id="hashPassword" onclick="HashPassword_Click" runat="server" Text="Hash Password"> </asp:Button> <asp:Button id="cancel" onclick="Cancel_Click" runat="server" Text="Cancel" CausesValidation="false"> </asp:Button></td> </tr> </tbody> </table> <p><asp:Label id="result" runat="server"></asp:Label></p> </form> </body> </html> [C#] <%@ Page Language="C#" autoeventwireup="true" %> <html> <head> <script runat="server"> void Cancel_Click(object sender, EventArgs e) { userName.Text = ""; password.Text = ""; repeatPassword.Text = ""; result.Text = ""; } void HashPassword_Click(object sender, EventArgs e) { if (Page.IsValid) { string hashMethod = ""; if (sha1.Checked) { hashMethod = "SHA1"; } else { hashMethod = "MD5"; } string hashedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod); result.Text="<credentials passwordFormat=\"" + hashMethod +"\"><br>" + " <user name=\"" + userName.Text + "\" password=\"" + hashedPassword + "\"><br>" + "</credentials>"; } else { result.Text = "There was an error on the page."; } } </script> </head> <body> <form runat="server"> <p>This form displays the results of the FormsAuthentication.HashPasswordForStoringInConfigFile method.<br>The user name and hashed password can be stored in a <credentials> node in the Web.config file.</p> <table> <tbody> <tr> <td>New User Name:</td> <td><asp:TextBox id="userName" runat="server"></asp:TextBox></td> <td><asp:RequiredFieldValidator id="userNameRequiredValidator" runat="server" ErrorMessage="User name required" ControlToValidate="userName"></asp:RequiredFieldValidator></td> </tr> <tr> <td>Password: </td> <td><asp:TextBox id="password" runat="server" TextMode="Password"></asp:TextBox></td> <td><asp:RequiredFieldValidator id="passwordRequiredValidator" runat="server" ErrorMessage="Password required" ControlToValidate="password"></asp:RequiredFieldValidator></td> </tr> <tr> <td>Repeat Password: </td> <td><asp:TextBox id="repeatPassword" runat="server" TextMode="Password"></asp:TextBox></td> <td><asp:CompareValidator id="passwordCompareValidator" runat="server" ErrorMessage="Password does not match" ControlToValidate="repeatPassword" ControlToCompare="password"></asp:CompareValidator></td> </tr> <tr> <td>Hash function: </td> <td align="middle"><asp:RadioButton id="sha1" runat="server" GroupName="HashType" Text="SHA1"></asp:RadioButton> <asp:RadioButton id="md5" runat="server" GroupName="HashType" Text="MD5"></asp:RadioButton></td> </tr> <tr> <td align="middle" colspan="2"> <asp:Button id="hashPassword" onclick="HashPassword_Click" runat="server" Text="Hash Password"> </asp:Button> <asp:Button id="cancel" onclick="Cancel_Click" runat="server" Text="Cancel" CausesValidation="false"> </asp:Button></td> </tr> </tbody> </table> <p><asp:Label id="result" runat="server"></asp:Label></p> </form> </body> </html>
[C++, JScript] No example is available for C++ or JScript. To view a Visual Basic or C# example, click the Language Filter button
in the upper-left corner of the page.
Requirements
Platforms: Windows 2000, Windows XP Professional, Windows Server 2003 family
See Also
FormsAuthentication Class | FormsAuthentication Members | System.Web.Security Namespace
Show: