ASPNET_SETREG does not care about your password–Or DOES IT

If you are developing an ASP.NET application and required to have the password placed in the configuration file then you have seen this condition. The thing is that usually we would want to put the password encrypted and one way that existed since ASP.NET 1.1 is the placement of the password in the registry with encryption with the tool aspnet_setreg and then refer to the password as a registry key in the configuration file. I used this before and had no problems with it. BUT today I was faced with the weirdest issue I could ever think of. The thing is that I used this on an environment and it kept giving me that the user or password are not valid although I was using the local machine administrator. I banged my head to the wall several times until I tried to change the user password and it worked.

So I traced the error and found that the problem happens if the password has a " (double quote) in it Surprised smile

So bottom line do not use the double quotes in your password if you intend to use an encrypted version of this password.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.