how to Decrypt password in c#

Question

I want to decrypt password in C# I am using the below code.

public class NetFourMembershipProvider : SqlMembershipProvider
{

public string GetClearTextPassword(string encryptedPwd)
{

    try
    {
        byte[] encodedPassword = Convert.FromBase64String(encryptedPwd);
        byte[] bytes = this.DecryptPassword(encodedPassword);
        if (bytes == null)
        {
            return null;
        }

        return Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10);
    }
    catch (Exception)
    {

        throw;
    }

   }

}

And my web config file is

<configuration>
<system.web>
<machineKey validationKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"        decryptionKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" decryption="3DES"   validation="SHA1" />

<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15">
  <providers>
    <clear />
    <add name="AspNetSqlMembershipProvider"
    type="System.Web.Security.SqlMembershipProvider"
    connectionStringName="SiteSqlServer" enablePasswordRetrieval="true"
    enablePasswordReset="true" requiresQuestionAndAnswer="false"
    minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0"
    requiresUniqueEmail="false"
    passwordFormat="Encrypted"
    applicationName="DotNetNuke"
    description="Stores and retrieves ......." />
  </providers>
</membership>
<compilation debug="true" targetFramework="4.0" />
</system.web>

At this line byte[] bytes=this.DecryptPassword(encodedPassword); I am getting the below error message.

You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key.

How can I convert passwords.

Please help me.

Note:- The validationkey is 40 characters and decryptionKey is a 48 charectors long data.

Thanks in Advance

If at all possible, I would avoid storing passwords in a decrypt-able format. Password encryption should be one-way. — Ron Beyer, Oct 05 '15 at 14:26
take a look here and you will find helpful answers: http://stackoverflow.com/questions/10168240/encrypting-decrypting-a-string-in-c-sharp — Riadh Ben Hassine, Oct 05 '15 at 14:43

score 4 · Answer 1 · answered Oct 05 '15 at 14:33

4

Rather trying to decrypt the password. Store the encrypted password in database...and when you want to validate password use encrypted password entered by user and compare it to encrypted password stored in DB.

Generally alogorithms like SHA or MD5 is used to perform hashing on entered password..Actually, Hashing and Encryption is two different thing.In this case, Hashing is used.

answered Oct 05 '15 at 14:33

Viru

2,228
2
17
28

I want to send the password to another server since we are changing the server. That is why I am decrypting password. Is there any way that I can Decrypt the password. – Baiju Christadima Oct 05 '15 at 16:14
Why do you want to decrypt and send password...will it not work if you send encrypted password itself? – Viru Oct 05 '15 at 17:18

how to Decrypt password in c#

1 Answers1