MembershipPasswordFormat 枚举


描述用于存储成员身份用户密码的加密格式。Describes the encryption format for storing passwords for membership users.

public enum class MembershipPasswordFormat
public enum MembershipPasswordFormat
type MembershipPasswordFormat = 
Public Enum MembershipPasswordFormat


Clear 0

不安全,请勿使用。Not secure, do not use. 密码未加密。Passwords are not encrypted.

Encrypted 2

不安全,请勿使用。Not secure, do not use. 使用由 machineKey 元素 (ASP.NET 设置架构) 的元素配置确定的加密设置对密码进行加密。Passwords are encrypted using the encryption settings determined by the machineKey Element (ASP.NET Settings Schema) element configuration.

Hashed 1

使用 SHA1 哈希算法对密码进行单向加密。Passwords are encrypted one-way using the SHA1 hashing algorithm. 可以使用 属性指定与 SHA1 算法不同的哈希算法。You can specify a hashing algorithm different than the SHA1 algorithm by using the attribute.


下面的示例演示 ASP.NET 应用程序的 web.config 文件的system.web节中的machineKey 元素 (ASP.NET 设置架构)元素。The following example shows the machineKey Element (ASP.NET Settings Schema) element in the system.web section of the Web.config file for an ASP.NET application. 它指定应用程序的SqlMembershipProvider实例, 并将其密码格式Hashed设置为。It specifies the application's SqlMembershipProvider instance and sets its password format to Hashed.

此示例使用 SHA1。This example uses SHA1. 由于与 SHA1 冲突,Microsoft 建议使用 SHA256。Due to collision problems with SHA1, Microsoft recommends SHA256.

<membership defaultProvider="SqlProvider"   
  userIsOnlineTimeWindow="20" hashAlgorithmType="SHA1">  
    <add name="SqlProvider"  
      applicationName="MyApplication" />  


类支持不同的密码存储格式, 但你只应使用Hashed; SqlMembershipProviderClearEncrypted是不安全的。The SqlMembershipProvider class supports different password storage formats, but you should only use Hashed; Clear and Encrypted are not secure. 明文密码不安全, 不应使用。Clear passwords are not secure and shouldn't be used. 它们以纯文本格式存储。They are stored in plain text. 加密密码不安全, 因为泄露数据库内容也可以公开加密密钥。Encrypted passwords are not considered safe, as a breach that reveals your database contents can also expose the encryption key. 这意味着可以对加密的密码进行解密和公开。This means your encrypted passwords could be decrypted and exposed. 密码在存储时进行了加密, 可对密码进行解密或密码检索。Passwords are encrypted when stored and can be decrypted for password comparison or password retrieval. 哈希密码在存储在数据库中时使用单向加盐哈希进行加密。Hashed passwords are encrypted using a one-way salted hash when stored in the database. 验证密码时, 会将其与 salt 值组合在一起, 然后对其进行哈希运算。When a password is validated, it is combined with a salt value and then hashed. 结果与用于验证的数据库中的值进行比较。The result is compared with the value in the database for verification. 无法检索哈希密码。Hashed passwords cannot be retrieved.


如果你不熟悉 ASP.NET 的成员资格功能, 请参阅 "成员资格简介", 然后继续。If you are not familiar with the membership features of ASP.NET, see Introduction to Membership before continuing. 有关与成员资格相关的其他主题的列表, 请参阅使用成员身份管理用户For a list of other topics related to membership, see Managing Users by Using Membership.