Custom password calculation

Copy to clipboard

This page describes how to hash or encrypt user passwords in your own way. You can find more information in Customizing providers.

  1. Open your solution in Visual Studio.

  2. Add a custom assembly (Class Library project) with class discovery enabled to the solution (or reuse an existing custom assembly).

  3. Reference the custom project from the Xperience administration project (CMSApp).

  4. Create a new class within the custom project.

  5. Set the class to inherit from the UserInfoProvider class.

  6. Override the GetPasswordHashInternal method.

  7. Add the RegisterCustomProvider assembly attribute above the class declaration to register the provider.

    


 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Web;

 using CMS;
 using CMS.Helpers;
 using CMS.Membership;

 // Registers the custom provider
 [assembly: RegisterCustomProvider(typeof(MyUserInfoProvider))]

 /// <summary>
 /// Customized UserInfoProvider for password calculation.
 /// </summary>
 public class MyUserInfoProvider : UserInfoProvider
 {
     protected override string GetPasswordHashInternal(string password, string passwordFormat, string salt)
     {
         return SecurityHelper.GetSHA1Hash(password + "CustomSalt");
     }
 }

  8. Deploy the custom project to your separate live site (MVC) application.

The system now uses the customized provider (MyUserInfoProvider) instead of the default one, and calls your override of the GetPasswordHashInternal method.