简体繁体 English

使用ASP.Net成员资格提供程序的未加密密码的最大长度是多少？

[英]What is the maximum length of an un-encrypted password using the ASP.Net Membership provider?

原文 2014-11-11 12:03:37 0 1 asp.net/ encryption/ asp.net-membership

I have a production site using the Encrypted style password storage from the SQL Membership Provider and for particularly long passwords we're getting the exception: 我有一个生产站点，该站点使用来自SQL成员资格提供程序的Encrypted样式密码存储，对于特别长的密码，我们遇到了例外：

The password is too long: It must not exceed 128 chars after encrypting. 密码太长：加密后不能超过128个字符。 Parameter name newPassword . 参数名称newPassword 。

This is being thrown from MembershipUser.ChangePassword(string oldPassword, string newPassword) , although the stack may go a little deeper. 这是从MembershipUser.ChangePassword(string oldPassword, string newPassword)抛出的，尽管堆栈可能会更深一些。

What maximum length do I need to limit my users to so that we don't see this error if they provide a password of that length? 我需要将用户限制为最大最大长度，以便如果他们提供该长度的密码就不会出现此错误？

I realise that we should really have been using Hashed which should result in a more consistent result, but as a short term fix before we convert all the existing passwords I'd like to reduce the maximum number of characters a user can enter to keep the encrypted length under this limit. 我意识到我们确实应该使用Hashed ，这将导致更一致的结果，但是作为短期修复，在转换所有现有密码之前，我想减少用户可以输入的最大字符数，以保持在此限制下的加密长度。

1 个解决方案

According to the documentation , it is exactly 128 chars in the database. 根据文档，数据库中正好是128个字符。 It also can vary with the encryption strategy and what is in the string. 它也可能随加密策略和字符串中的内容而变化。

使用ASP.Net会员提供商忘记密码？ - Forgot password using ASP.Net membership provider?

从用户的开发人员位置检索密码，该密码由ASP.NET成员资格提供程序加密 - Retrieve the password from developer point of the user, which is encrypted by ASP.NET membership provider

对于Asp.Net成员资格提供程序，PasswordFormat.Encrypted是否安全？ - Is PasswordFormat.Encrypted secure for Asp.Net membership provider?

asp.net SQLMembershipProvider和Umbraco成员身份提供程序中的加密密码 - Encrypted passwords in asp.net SQLMembershipProvider and Umbraco membership provider

asp.net加密的会员密码和用户名检索 - asp.net encrypted membership password & username retrieval

从 ASP.NET 2.0 成员资格中解密“加密”密码 - Decrypting an 'Encrypted' password from ASP.NET 2.0 Membership

使用ASP.NET成员资格提供程序进行模拟 - Impersonation using ASP.NET Membership Provider

使用ASP.NET成员资格提供程序（哈希格式），我无法重置密码 - Using the ASP.NET membership provider (hashed password format) I am unable to reset password

更改自定义ASP.NET成员资格提供程序中的最小UserName长度？ - Changing the minimum UserName length in a custom ASP.NET Membership Provider?

电子邮件替换中的ASP.NET成员资格提供程序密码 - ASP.NET Membership provider password in email replace

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用ASP.Net会员提供商忘记密码？ - Forgot password using ASP.Net membership provider? 从用户的开发人员位置检索密码，该密码由ASP.NET成员资格提供程序加密 - Retrieve the password from developer point of the user, which is encrypted by ASP.NET membership provider 对于Asp.Net成员资格提供程序，PasswordFormat.Encrypted是否安全？ - Is PasswordFormat.Encrypted secure for Asp.Net membership provider? asp.net SQLMembershipProvider和Umbraco成员身份提供程序中的加密密码 - Encrypted passwords in asp.net SQLMembershipProvider and Umbraco membership provider asp.net加密的会员密码和用户名检索 - asp.net encrypted membership password & username retrieval 从 ASP.NET 2.0 成员资格中解密“加密”密码 - Decrypting an 'Encrypted' password from ASP.NET 2.0 Membership 使用ASP.NET成员资格提供程序进行模拟 - Impersonation using ASP.NET Membership Provider 使用ASP.NET成员资格提供程序（哈希格式），我无法重置密码 - Using the ASP.NET membership provider (hashed password format) I am unable to reset password 更改自定义ASP.NET成员资格提供程序中的最小UserName长度？ - Changing the minimum UserName length in a custom ASP.NET Membership Provider? 电子邮件替换中的ASP.NET成员资格提供程序密码 - ASP.NET Membership provider password in email replace

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM