ASP Forum SHA1 to MD5 .net login control authorization WizzKidd | Posted 11:13am 21. October 2007 Server Time | I have an existing access database which I will be upsizing to a SQL Express database.  The problem with my old database is that i created a members table which stored all my members passwords using MD5.  Since I will be transfering all the data from the Access database into my SQL Express database, I will have 2 problems,  1) Authentication with MD5, and 2) Adding new users using MD5. I am using the login control built in to VS.NET 2005, and have already built my pages, eg, adduser, forgotpassword, and login (using their respective controls) etc etc. When I run the ASP.NET Configuration for my website, I've noticed that when I add users, their passwords are stored in the database using SHA1 (which I understand is the default).  I have read all the guidlines on the net that I can find, but im unable to to make it store the users passwords using MD5.  Remember, I need to apply this to the built-in login control's "CreateUserWizard", and all the methods/examples on the net seem to use a connection string as the example, which slightly throws me. Can anyone help me here? It is not feasible to get all my users to re-register. :( Thanks in advanced. WizzKidd Informant | Posted 0:24am 24. October 2007 Server Time | I suggest reading this article thoroughly http://msdn2.microsoft.com/en-us/library/ms998310.aspx#paght000012_step2 it describes the default encryption settings described in the hosting machines machine.config file this would be the easiest way to change the hashing from SHA1 (which is the default ) to MD5 but this should give you insight and options on what to do Reply to Post SHA1 to MD5 .net login control authorization Back to Forum Page