Este artículo se tradujo automáticamente. Para ver el artículo en inglés, active la casilla Inglés. Además, puede mostrar el texto en inglés en una ventana emergente si mueve el puntero del mouse sobre el texto.
Traducción
Inglés

Enumeración MembershipPasswordFormat

 

Publicado: noviembre de 2016

Describe el formato de cifrado para almacenar contraseñas de usuarios de pertenencia.

Espacio de nombres:   System.Web.Security
Ensamblado:  System.Web.ApplicationServices (en System.Web.ApplicationServices.dll)

public enum MembershipPasswordFormat

Nombre de miembroDescripción
Clear

No es seguro, no usar. Las contraseñas no se cifran.

Encrypted

No es seguro, no usar. Las contraseñas se cifran mediante la configuración de cifrado determinada por la configuración de Elemento machineKey (Esquema de configuración de ASP.NET).

Hashed

Las contraseñas se cifran de forma unidireccional mediante el algoritmo de hash SHA1.

The T:System.Web.Security.SqlMembershipProvider class supports different password storage formats but you should only use Hashed; Clear and Encrypted are not secure. F:System.Web.Security.MembershipPasswordFormat.Clear passwords are not secure and shouldn't be used. They are stored in plain text. F:System.Web.Security.MembershipPasswordFormat.Encrypted passwords are not considered safe, as a breach that reveals your database contents can also expose the encryption key. This means your encrypted passwords could be decrypted and exposed. Passwords are encrypted when stored and can be decrypted for password comparison or password retrieval. F:System.Web.Security.MembershipPasswordFormat.Hashed passwords are encrypted using a one-way salted hash when stored in the database. When a password is validated, it is combined with a salt value and then hashed. The result is compared with the value in the database for verification. Hashed passwords cannot be retrieved.

System_CAPS_noteNota

If you are not familiar with the membership features of ASP.NET, see Introduction to Membership before continuing. For a list of other topics related to membership, see Managing Users By Using Membership.

The following example shows the element in the system.web section of the Web.config file for an ASP.NET application. It specifies the application's T:System.Web.Security.SqlMembershipProvider instance and sets its password format to Hashed.

<membership defaultProvider="SqlProvider" 
  userIsOnlineTimeWindow="20" hashAlgorithmType="SHA1">
  <providers>
    <add name="SqlProvider"
      type="System.Web.Security.SqlMembershipProvider"
      connectionStringName="SqlServices"
      enablePasswordRetrieval="false"
      enablePasswordReset="true"
      requiresQuestionAndAnswer="true"
      passwordFormat="Hashed"
      applicationName="MyApplication" />
  </providers>
</membership>

.NET Framework
Disponible desde 2.0
Volver al principio
Mostrar: