Did anyone here migrate from old ASP.NET Membership to Umbraco? Unfortunatelly the passwords are hashed with SHA1, so probably the best way is to just move the usernames and ask all the users to use Forgot password form to create a new one with stronger algorithm. Is there a flag, which will mark users that their password expired and they would be forced to recreate a password (i.e.

failedPasswordAttempts

,

isLockedOut

,

lastPasswordChangeDate

)? Also how is the best way to fill members personal data (name, surname, gender, etc)? Is it better to make some kind of Seed method via C# solution or to write SQL scripts? https://cdn.discordapp.com/attachments/1260481685284323460/1260481685472935976/image.png?ex=668f7a8c&is=668e290c&hm=c68e12d97dc57b9ad0ea05c820706b0e1869abd5b4c9dc44f96872f1144f8c55&

Can't Umbraco switch to SHA1 and the same salting mechanism? https://docs.umbraco.com/umbraco-cms/reference/configuration/securitysettings#hash-algorithm-type Is this 14 or 8? Just guessing here, never did this.

We are using 13 but plan to go to 14. It supports SHA1, but this is considered insecure for quite some time now. Also the terminology is a bit different now comparing the DB tables, is securityStampToken now same as password salt? I doubt that just switching the algorithm would work. Also migration other user data is still a question here - SQL script, uSync files or startup seed method?