Home/ Questions/Q 4618548
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T02:16:58+00:00

I’m using the ASP.Net Login control to login a web application. When the user

  • 0

I’m using the ASP.Net Login control to login a web application. When the user submits the form, I want to call a function to encrypt the password before ASP.Net sends the information for authentication.

I tried to add a Customer Validator on the password field and if the password is not empty, the Password.Text will be replaced with the encrypted value. However, it seems ASP.Net still sent the original password for authentication.

I also tried adding a onClick event on the login button to encrypt the password but ASP.Net still sent the original password for authentication.

Is there a way to do this? Thank you!

UPDATE:

I’m sorry for not making this clear. What I need is to encrypt the password at Server Side.

I’m not using ASP.Net Membership to encrypt or hash the password while registering a user. The passwordFormat property has been set to “Clear”.

What I am doing is:

  1. While a new user registers, I use a customized function to encrypt the password and save it to database.
  2. When a user tries to login, I want to use the same function to encrypt the password entered by the user and let ASP.Net to authenticate the user.

The problem I’m having is I can’t find a way to call the encrypt function before ASP.Net initiate the authentication process.

Hope this makes sense. Thank you.

Allen

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You were definitely on the right track with adding the OnClick event. If you are trying to do the encryption client-side then you will need to use the OnClientClick event instead (OnClick happens server-side and OnClientClick happens client-side). I initially assumed you were using it to call a client-side javascript function that does the encryption?

    [EDIT]

    However, if you are doing the encryption server-side, and using a Login control, then you might want to use the OnAuthenticate event:

    <asp:Login id="Login1" runat="server" OnAuthenticate="OnAuthenticate">
</asp:Login>

    Then do your encryption here:

    private void OnAuthenticate(object sender, AuthenticateEventArgs e) {
    bool authenticated = false;
    String encryptedPassword = Encrypt(Login1.Password);
    authenticated = YourAuthenticationMethod(Login1.UserName, encryptedPassword );

    e.Authenticated = authenticated;
}
private bool YourAuthenticationMethod(String username, String encryptedPassword) {
    //test the encrypted password against that retrieved from your database using the username
}
    • 0