Massive import of users and passwords in table CMS.User

Monjoie Dominique asked on September 22, 2017 15:13

Hi,

I have to import around 1500 users (I use Import Toolkit) in the table CMS.User (FirstName, LastName, UserName, Email and UserPassword) from an Excel sheet. My problem concerns the passwords : I created them by concatenating 4 columns in my Excel sheet, so they are all unique.

Import is OK but when I take a UserName and the associated Password, impossible to connect. I saw in the table CMS.User that passwords remain like they were written in the Excel file. When I rewrite the password manually in the field, it appears under a crypted format in the table and I can use it to connect.

I try to mention SHA2SALT in a column of my file to import but without result. Can I import all these passwords in plain text and change it after (to SHA2SALT) to crypt them ? Is there a good way to avoid rewriting all the passwords manually to allow users to connect ?

Thanks,

Correct Answer

Trevor Fayas answered on September 22, 2017 15:26

Kentico's API handles a lot of that, This is all you need to do to properly set a password and let Kentico handle the encrypting:

CMS.Membership.UserInfoProvider.SetPassword("Username", "ThePassword");

What i would recommend is make a new column in your excel, and then use the CONCATENATE function to build the above line. Say column "A" is the code, Column "B" is username, and column "C" is the password. In column A in excel, put:

=CONCATENATE("CMS.Membership.UserInfoProvider.SetPassword(""",B2,""", """,C2,""");")

Then just drag that down all the way, copy and paste and run it. Little trick i use a lot.

1 votesVote for this answer Unmark Correct answer

Recent Answers


Brenden Kehren answered on September 23, 2017 14:35

It's a good security practice if you're importing users into a new system to force them to change their password on first login. You don't want them to think you can read their password which would be unsecure. So what I do is something similar to what you're doing, make a password combo that is just ridiculous and unique for each user. Then the new process is for the user to use the "forgot password" feature to:

  1. Validate their email address
  2. Reset their password
  3. Force them to adhere to your new password guidelines
2 votesVote for this answer Mark as a Correct answer

Michael Jordan answered on September 26, 2017 07:20

I know this thought doesn't appear to be perfect at first, however it is not phenomenal. Individuals are accustomed to changing their passwords at times, and will for the most part be extremely understanding about it. Numerous people have managed frameworks that power them to change their secret key at regular intervals, dissertation help | Dissertation Time and everybody has overlooked a watchword at some time.

0 votesVote for this answer Mark as a Correct answer

victoria keating answered on October 5, 2017 09:07

You need to utilize secret key each time you need to go in the Diary and after that utilization watchword to begin a page. I would prefer not to need to recollect a secret key each time I endeavor to get into my journal. I like entering a secret word once Writing Cheap Dissertation Service in the journal and when I am done I log out.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.