
what does MD5 do with my password string?

开发者 https://www.devze.com 2023-02-10 04:13 Source: Internet
I set my password "13579" and the authentication mode forms convert it to MD5 like "mEXg8klnq0TwPFvAqytULA==", but after a couple of minutes I tried again and created another one with the same password "13579", but it converts to a different one like "uM4gH8HO8cvoE0slg6OyKA==". What is the structure of MD5? Is it related to my username and time? I want to create the same password for my users, so I couldn't create the same password if it depends on time.


Your password is salted by the ASP.NET Membership provider - take a look at your database, there will be a column in the Users table that contains the salt. The provider generates the salt for each user and stores it in the table. This salt is then used to encrypt the password. As each user has a different salt value, the same password in clear text will be different when encrypted.

You probably want to use the provider without salting - try Googling for 'ASP.NET Membership Provider no salt', but you will probably end up subclassing your own provider. I don't think there is an option in the provider settings in web.config to turn salting off.


MD5 is a deterministic algorithm, therefore you're probably experiencing "salted hashes". That means that some string or other data (e.g. a timestamp) is encoded in the password as "salt" to strengthen it.

Look out for a database column called salt in the database, or check the MD5 results of your password appended with a creation-date timestamp to find the salt.


That final form is not MD5 but BASE-64, an MD5 hash looks like this: 9e107d9d372bb6826bd81d3542a419d6

MD5 should indeed generate the same hash given the same input parameters, however without specific implementation details it's hard to say what would cause the difference you see.

It's most likely some kind of salt value that changes; if you are unsure what a salt value is, see here.


You see those == signs at the end of the strings? That's for a Base64-converted string, and the = sign is used for padding.

As for the string you are getting: it is different because the ASP.NET Membership provider assigns a different salt to each user, so you get different hashes even if the user name is the same.

But anyway, if you have set the same password for both users, you can log in using the same password, because internally the mix of salt and the same password will always match their respective hashes.


MD5's results are consistent, but you'll probably find the username is being used too, so the difference is because of different usernames. (Time wouldn't be useful, because you wouldn't be able to match the hashed password against anything).
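
The points made in the answers above, as an added Python example (not code from the original thread or from ASP.NET): the two values in the question decode to 16 bytes, the size of an MD5 digest, and a random per-user salt makes the same password hash differently while verification against each user's own salt still succeeds. The salt-then-password MD5 scheme and all function names are assumptions for illustration, not the Membership provider's actual algorithm.

```python
import base64
import hashlib
import hmac
import os

# The two stored values quoted in the question (both for password "13579").
STORED_A = "mEXg8klnq0TwPFvAqytULA=="
STORED_B = "uM4gH8HO8cvoE0slg6OyKA=="


def digest_length(stored_b64: str) -> int:
    """Decode a stored Base64 value and return the raw digest length in bytes."""
    return len(base64.b64decode(stored_b64, validate=True))


def hex_to_b64(hex_digest: str) -> str:
    """Re-encode a hex digest as Base64: same bytes, different text form."""
    return base64.b64encode(bytes.fromhex(hex_digest)).decode("ascii")


def hash_password(password: str, salt: bytes) -> str:
    """Assumed scheme for illustration: Base64(MD5(salt || UTF-8 password))."""
    digest = hashlib.md5(salt + password.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def create_user(password: str) -> dict:
    """Generate a fresh random salt per user and store it beside the hash."""
    salt = os.urandom(16)
    return {"salt": base64.b64encode(salt).decode("ascii"),
            "hash": hash_password(password, salt)}


def verify(password: str, record: dict) -> bool:
    """Recompute with the user's own stored salt and compare in constant time."""
    salt = base64.b64decode(record["salt"])
    return hmac.compare_digest(hash_password(password, salt), record["hash"])


if __name__ == "__main__":
    print(digest_length(STORED_A), digest_length(STORED_B))
    alice, bob = create_user("13579"), create_user("13579")
    print(alice["hash"], bob["hash"])  # differ because the salts differ
    print(verify("13579", alice), verify("13579", bob), verify("24680", alice))
```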
