how to use hashed password in impersonate of ASP.NET

Question

I have an ASP.NET application that requires impersonation as an administrator user. In web.config:

<identity impersonate="true" userName="administrator" password="password"/>

The customer complained about saving the password in clear text format. Is there a way to save the password here as hashed?

score 3 · Accepted Answer · answered May 26 '10 at 12:36

3

aspnet_regiis with the appropriate switch should do the trick, see this article.

answered May 26 '10 at 12:36

Ta01

thanks, I also found a windows application that encrypt the config file http://blogs.msdn.com/b/knowledgecast/archive/2008/07/29/encrypting-configuration-settings-in-net-2-0.aspx – ala May 26 '10 at 13:42

1 Answers1