"Denver Braughler" <[EMAIL PROTECTED]> schreef in bericht news:[EMAIL PROTECTED] > Geert Cobbaut wrote: > > Only problem is that the Rijndael-encrypted passwords that are now stored in > > the database are generated with Visual Studio.NET using > > System.Security.Cryptography where a key AND a vector are used to encrypt > > the password > > So you implement the new procedure and force everyone to change his password >
No, password stays the same, only the way it is stored in the database changes. > > and > > that Cach� $System.Encryption doesn't have the argument vector. > > and accept what Cach� gives you. > > It's called a workaround. > You store the password encrypted both ways. > > Someday when you get the .NET algorithm implemented in Cach�, you simply > delete the weaker, old version from the database and use the same version > you were using with .NET and stop sending the clear text password to Cach�. No, this change happens when a client-installation is upgraded to a newer version of our application-software, but some of our clients have customer-tailored software that is too expensive to be re-written in .NET, so for these clients we want them to have access to our older terminal-based version of our software in combination with our new standard-software.
