Set password with PBKDF2 encryption in kentico 10

Ram G asked on June 27, 2019 10:11

I have to upload around 500 users in the table CMS.User (FirstName, LastName, UserName, Email,UserPassword and UserPasswordFormat) from an Excel sheet.

How to encrypt the password and save it in the database?

In the web.config code is -

I using below code.

            var newUser = new UserInfo
            {

            UserName = userDto.Email,
            UserEnabled = true,
            FirstName = userDto.FirstName,
            LastName = userDto.LastName,
            FullName = userDto.FirstName + " " + userDto.LastName,
            Email = userDto.Email,
            UserPasswordFormat = userDto.UserPasswordFormat,                
            SiteIndependentPrivilegeLevel = CMS.Base.UserPrivilegeLevelEnum.None
        };

        var newUserSettings = newUser.UserSettings ?? new UserSettingsInfo();

        newUser.SetValue("UserPassword", userDto.UserPassword);

        newUserSettings.UserPhone = userDto.PhoneNumber;

        UserInfoProvider.SetUserInfo(newUser);

        UserInfoProvider.AddUserToSite(newUser.UserName, site.SiteName);     

Correct Answer

Dmitry Bastron answered on June 27, 2019 10:39

Hi!

In your code instead of

newUser.SetValue("UserPassword", userDto.UserPassword);

you should use:

UserInfoProvider.SetUserInfo(newUser); // saves user to DB
UserInfoProvider.SetPassword(newUser, userDto.UserPassword); // saves hashed password

Kentico uses CMSHashStringSalt app setting for hashing passwords as well.

2 votesVote for this answer Unmark Correct answer

Recent Answers


Ram G answered on June 27, 2019 12:10

Hi, Its working fine. Thanks.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.