I spoke with John and it appears there was a miscomunication. The developer he spoke to was unaware that your ultimate goal was to replicate this logic in SQL. It is true that user passwords are hashed using MD5 and that no salt is used. Additionally the hash is ASCII encoded. In .NET the ASCII encoding process drops the most signifciant bit of characters which are none standard ASCII.
|