How to check if question and password in ASP.NET membership is correct or not without using password

Question

How to check if question and password in ASP.NET membership is correct or not without using password

I have an ASP.net membership. I need to check a Custom question and answer.

I do not need to use a password because it Hashed we cannot verify it

MembershipUser msUser = Membership.GetUser ("Rasel");

thanks, Lalithambigai

+1

asp.net

UnknownIT 06 nov. '08 at 13:38

source to share

2 answers

If you store the question / answer in the membership provider (how it looks like you do), you are passing the response to the msUser.ResetPassword method. If the answer is incorrect, it will throw a MemberhipPasswordException.

0

TonyB 06 nov. '08 at 17:13

source to share

user35094 · Accepted Answer · 2008-11-06T14:28:22+0000

Ask the user a question and compare your answer with the previously provided answer?

However, the hashed password does not prevent you from verifying it. Just hash the user's response and compare the hash to the stored password hash. Note that the hashing scheme can contain salts or initialization characters to prevent dictionary attacks.

How to check if question and password in ASP.NET membership is correct or not without using password

More articles: