473,289 Members | 1,848 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,289 software developers and data experts.

.NET 2.0 - Security Question and Answer

I have set up my web application to utilize an ADAM membership
provider. Everything is going well, except I do not wish to utilize
the built-in PasswordRecovery control (I don't want the randomly
generated password emailed to the user). I want to ask the user the
security question, check the answer, and then allow them to immediately
change their password.

By utilizing the built-in CreateUserWizard, the security answer is
automatically encrypted in ADAM utlizing the machinekey in the
Web.config file. Is there a way for me to decrypt this answer? Or at
least encrypt it and compare the resulting strings?

Thanks for any help (or suggetions on how I could approach this)

Jan 10 '06 #1
1 1505
In case anyone has the same issue, I ended up overwriting what the
CreateUserWizard placed in the directory with my own value. When the
UserCreated event fires, I then overwrite the control's encrypted value
with my own. I used an SHA1 hash to secure the answer.

Now, my custom password recovery control asks for the answer, performs
the same SHA1 hash, and then compares the hash values to ensure the
correct answer was given.

Jan 25 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

11
by: TC | last post by:
Hello All, I have recently had the pleasure of installing Norton Internet Security 2005 and finding that I can no longer create or open a web-based application in Visual Studio .Net. The IDE...
3
by: Uma | last post by:
Hi Here is my question .. Under Oracle right now we are having the security as .. And I want the equivalent concept in DB2 . any help --> here it is ... connect system/manager
116
by: Mike MacSween | last post by:
S**t for brains strikes again! Why did I do that? When I met the clients and at some point they vaguely asked whether eventually would it be possible to have some people who could read the data...
4
by: Paul Malcomson | last post by:
I'm trying to finish implementing security on my database. I have secured the .mdb with a .mdw file as per the MS security FAQ with no problems. The last part of security that I need to...
1
by: Jeremy S. | last post by:
..NET's code Access Security enables administrators to restrict the types of things that a .NET application can do on a local computer. For example, a ..NET Windows Forms application can be...
6
by: gfb | last post by:
This was a topic back in 2003 which has now been closed since I get the message "You cannot reply to this topic because it is more than 30 days old or has been closed by a manager." I am...
18
by: Earl Anderson | last post by:
First, I feel somewhat embarrassed and apologetic that this post is lengthy, but in an effort to furnish sufficient information (as opposed to too little information) to you, I wanted to supply all...
4
by: vincent90152900 | last post by:
How to remove Security Question and Security Answer from membership provider? Following is my codes. Please tell me how to remove Question and Answer from membership provider. Thank you for...
2
by: Ken Fine | last post by:
I want to add the security question and answer security feature to the ChangePassword control. I am aware that this functionality is built into the PasswordRecovery tool. I have implemented the...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.