FormsAuthentication::HashPasswordForStoringInConfigFile Method (String^, String^)
Produces a hash password suitable for storing in a configuration file based on the specified password and hash algorithm.
Assembly: System.Web (in System.Web.dll)
public: [ObsoleteAttribute("The recommended alternative is to use the Membership APIs, such as Membership.CreateUser. For more information, see http://go.microsoft.com/fwlink/?LinkId=252463.")] static String^ HashPasswordForStoringInConfigFile( String^ password, String^ passwordFormat )
The password to hash.
Return ValueType: System::String^
The hashed password.
Themethod creates a hashed password value that can be used when storing forms-authentication credentials in the configuration file for an application.
Authentication credentials stored in the configuration file for an application are used by the Authenticate method to verify passwords for users of an application. Alternatively, you can use ASP.NET membership to store user credentials. For more information, see Managing Users by Using Membership.
The following code example takes a user name, password, and hash type and displays the section of the configuration that includes the user definition and hashed password.
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.
Available since 1.1