Assuming you haven't done anything to the normal mechanism (i.e. you are using the SqlMembershipProvider) when storing the password, what you are doing can't work. Theoretically you can't get the password back, as it is hashed rather than encrypted.
Encryption is a two-way algorithm: if you know the relevant key(s) you can get the value back.
Hashing is different: the algorithm produces a value that is always the same for a given input and key, but the value cannot be recovered from a hash even if you have the key. Technically the value you are trying to decrypt is a salted hash - the salt prevents someone querying the tables from finding groups of people with the same password (which produce the same hashes) by prepending the password with a random salt. Without the salt it is easy for hackers to see who is using commonly used passwords by comparing the unsalted hashes.
You really have only three options:
1. Give up on this entirely - this might be a valid option depending on what it is you need exactly.
2. Replace or subclass the default provider
3. Use one of the built-in mechanisms to reset the password if this is what you want to achieve, see:
http://www.asp.net/web-forms/tutorials/security/admin/recovering-and-changing-passwords-cs
[Edit in response to Arasu Rajendran's comments]
First, having a decryptable password represents a security risk, so I'd recommend [salted] hashing - this is why Microsoft use it in their provider.
No matter whether you choose to continue to hash or not, you don't need to decrypt the password to change it (effectively what you are describing in your comment). Instances of the MembershipProvider have a reset password method which takes the current password and the new one. It is good security to check that the person resetting the password knows the "old" one when supplying the new; if you are using an encrypted one you can encrypt the supplied one and compare it against the encrypted version in the backing store. If you did not take the old password, someone in an Internet cafe might log in and leave the site without ending the session; the next user could then go to the login page and supply a new password without knowing the old one.
The provider model allows a user to answer a secret question if they do not know their current password, you could do something similar for your code without needing to decrypt the password.
Finally, I strongly suggest you read this:
http://forums.devshed.com/security-and-cryptography-17/password-encryption-vs-hashing-398845.html
which has a good discussion of the differences, and a security comparison, between hashing and encryption.
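The points made in the answer above (a salted hash cannot be reversed, the salt stops two users with the same password sharing a stored value, and a password can be changed or reset by re-hashing and comparing rather than decrypting) can be seen in a few lines of code. The following is an added, stand-alone example in Python, not code from the answer and not the ASP.NET SqlMembershipProvider's implementation; the `UserRecord` table row, the PBKDF2 parameters and the lower-cased secret answer are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Assumed work factor for this example; a production value would be tuned to the hardware.
ITERATIONS = 100_000


@dataclass
class UserRecord:
    """One row of a hypothetical users table: only salts and one-way hashes are stored."""
    username: str
    salt: bytes
    password_hash: bytes
    answer_salt: bytes
    answer_hash: bytes


def salted_hash(secret: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 over the secret with a per-record salt. One way: the
    secret cannot be recovered from the output, even by whoever holds the table."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, ITERATIONS)


def create_user(username: str, password: str, secret_answer: str) -> UserRecord:
    salt = os.urandom(16)
    answer_salt = os.urandom(16)
    # The secret-question answer is hashed the same way as the password, so a
    # password reset never needs a decryptable secret anywhere in the store.
    return UserRecord(
        username,
        salt,
        salted_hash(password, salt),
        answer_salt,
        salted_hash(secret_answer.strip().lower(), answer_salt),
    )


def verify_password(user: UserRecord, password: str) -> bool:
    """Re-hash the supplied password with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, user.salt), user.password_hash)


def change_password(user: UserRecord, old_password: str, new_password: str) -> bool:
    """Require proof of the old password, then store a fresh salt and hash.
    Nothing is decrypted at any point."""
    if not verify_password(user, old_password):
        return False
    user.salt = os.urandom(16)
    user.password_hash = salted_hash(new_password, user.salt)
    return True


def reset_password(user: UserRecord, answer: str, new_password: str) -> bool:
    """Forgotten-password path: the secret-question answer is checked the same way."""
    expected = salted_hash(answer.strip().lower(), user.answer_salt)
    if not hmac.compare_digest(expected, user.answer_hash):
        return False
    user.salt = os.urandom(16)
    user.password_hash = salted_hash(new_password, user.salt)
    return True


def unsalted_hashes_collide(password: str) -> bool:
    """Without a salt, two users with the same password store the same value,
    so anyone reading the table can group them."""
    digest_a = hashlib.sha256(password.encode("utf-8")).digest()
    digest_b = hashlib.sha256(password.encode("utf-8")).digest()
    return digest_a == digest_b


def salted_hashes_differ(password: str) -> bool:
    """With per-user salts the same password yields different stored values."""
    a = create_user("alice", password, "fluffy")
    b = create_user("bob", password, "fluffy")
    return a.password_hash != b.password_hash


if __name__ == "__main__":
    # Constructed sample data for a quick demonstration run.
    user = create_user("alice", "correct horse battery", "Fluffy")
    print("login ok:", verify_password(user, "correct horse battery"))
    print("change with wrong old password:", change_password(user, "guess", "new one"))
    print("change with right old password:", change_password(user, "correct horse battery", "new one"))
    print("reset via secret answer:", reset_password(user, " fluffy ", "reset one"))
    print("unsalted collide:", unsalted_hashes_collide("Password1"))
    print("salted differ:", salted_hashes_differ("Password1"))
```

The `change_password` path is the one the answer describes: the caller supplies the current and the new password, the current one is re-hashed and compared, and only then is the stored hash replaced. Re-salting on every change means even a reused password does not reproduce the previous stored value.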