1

I am using MVC5, i know that if a user forgets his password, then MVC provides the feature of forgot password and reset password. My client server is disconnected from internet or mailing, it is behind the firewalls, so i cannot use forgot password, as it might generate a link to reset password, but cannot mail it to the user to facilitate the password reset. Please suggest if there is any way to decrypt the password(to let user know if he forgets his password) like how it was available in asp.net membership by simply using the GetPassword method of the membership classes.

Thank you

Improve this question
3
  • try this in your code 'Membership.GetPassword(username, "");' might be this will help you out Commented Sep 26, 2016 at 9:02
  • I am using asp.net Identity not memebership Commented Sep 26, 2016 at 9:32
  • 1
    There is no way to "decrypt" the password. You'll have to find another way to do the password reset. Commented Sep 26, 2016 at 11:42

2 Answers 2

Reset to default
2

As far I know there is no easy way to do this in MVC5, because Identity (next gen of Membership) is using hash of password rather then encrypted password.

Password is hashed and stored in db as a hash - generally it's one-way operation (it's mean that there is no easy way to get password form hash).

Little bit more about what is hashing and salting you can read here:

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

This step to Ecrypt and decrypt password in asp.net mvc5.

  1. create class name Hashing, paste this code

    private static string GetRandomSalt()

        {
            return BCrypt.Net.BCrypt.GenerateSalt(12);
        }

        public static string HashPassword(string password)
        {
            return BCrypt.Net.BCrypt.HashPassword(password, GetRandomSalt());
        }

        public static bool ValidatePassword(string password, string correctHash)
        {
            return BCrypt.Net.BCrypt.Verify(password, correctHash);
        }

  2. Create controller login you past this code

    using WebBcryptMVC.Models; // 
using WebBcryptMVC.Util; // call folder name of Hashing class

namespace WebBcryptMVC.Controllers
{
    public class LoginController : Controller
    {

        private DBLoginEntities db = new DBLoginEntities();

        public ActionResult frmLogin()
        {
            return View("frmLogin", new tblLogin());
        }


        [HttpPost]
        public ActionResult frmLogin(tblLogin account)
        {
            var currentAccount = db.tblLogins.First(a => a.UserName.Equals(account.UserName));
            if ((currentAccount != null))
            {
                if (Hashing.ValidatePassword(account.Password, currentAccount.Password))
                {
                    Session.Add("UserName", account.UserName);
                    //return View("~/Views/Home/frmHome.cshtml");
                    return RedirectToAction("frmHome", "Home");
                }
                else
                {
                    ViewBag.error = "Invalid";
                    return View("frmLogin");
                }
            }
            else
            {
                ViewBag.error = "Invalid";
                return View("frmLogin");
            }
        }
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.