How To Manually Change ASP.NET MembershipProvider Passwords

How To Manually Change ASP.NET MembershipProvider Passwords

Don’t ask me why you find yourself working in ASP.NET. I know there are more effective ways to build a site.
Don’t ask me what reason could possibly explain needing to change some passwords. Why isn’t this functionality built in to the app? I know, I know…
But you’re there. Your app is using the MembershipProvider system, which saves the passwords in the database in some kind of encrypted form. And now you have to change some passwords quickly, probably for multiple embarrassing reasons, yet the app doesn’t offer you the functionality to do so, and you don’t have the time to add that functionality and re-build and re-deploy the app.
If only it were possible to go into SSMS and change the passwords using only T-SQL.
Now you can.

How Does a One-Time Password Work?

How does a one-time password work? Photo by EdwinMSarmiento If you read a previous article I wrote, you’ll remember that I mentioned the use of multi-factor authentication. One common tool for implementing the something you have factor is the one-time password. When...
The Password Must Die

The Password Must Die

Passwords are everywhere. We have too many of them. We know we shouldn’t re-use them, but we already have too many and we can’t remember another one. So we use one in multiple places and we get in trouble when one website is compromised. They cost us time and money...

The state of the art in password cracking

If you’ve read Andrew’s posts on web security (and if you haven’t go read them now – they’re great) you’ll love this Ars Technica article by Dan Goodin, “Why passwords have never been weaker – and crackers have never been...

What Your Users Don’t Know (Part 2)

(This is part 2 of a series on web security; see part 1.) In my last post we saw that what your users don’t know can hurt them. In other words, how securely you handle your users’ private data behind the scenes can have profound implications both for your...