Anyone know how to set a Machine Key in Umbraco 13 that matches Umbraco 8? I'm trying to import Users from V8 a clean V13 using uSync Complete and People Edition> The Docs say "As a result you should ensure that any Umbraco instances where you wish to sync members (users?) should have the same machineKey value in their web.config files." Simple enough I thought, but obviously v13 doesn't use a web.config file and I'm strugging to figure out how to set a machine key successfully

I am not 100% sure the docs are right on this,I think Umbraco 13 still has code in that will convert the legacy V8 passwords first time you attempt to logon, but I haven't tried it

Hey Kevin, Thanks for your reply Not sure, I tried to set the machine key like this

json
{
  "Umbraco": {
    "Security": {
      "MachineKey": {
        "ValidationKey": "XXXXXXXXXXXXX",
        "DecryptionKey": "XXXXXXX",
        "Validation": "HMACSHA256",
        "Decryption": "AES"
      }
    }
  }
}

Then imported the V8 users but no joy (login fails) This works: 1) Import users using uSync People Edition 2) Update passwords [umbracoUser].[userPassword] to the old value in v8 3) Login using old password 4) Umbraco creates a new hash in the table, old password continues to work

👍 - so for No 2. are you putting the hashed value in from the v8 table? also if you take a look at a file in the uSync/users folder does it have this value in it (just trying to understand if this is something we can do to fix on the import)

Just done this on our test environment, the steps above are incorrect, they should be 1) Import users using uSync People Edition 2) Update [umbracoUser].[passwordConfig] field to {"hashAlgorithm":"HMACSHA256"} This is what was used in V8, the uSync People Import seems to change this to or it's defaulted to {"hashAlgorithm":"PBKDF2.ASPNETCORE.V3"} 3) Login using your old password 4) Umbraco updates the password field and updates [umbracoUser].[passwordConfig] field to {"hashAlgorithm":"PBKDF2.ASPNETCORE.V3"} The V8 uSync person had this in

<?xml version="1.0" encoding="utf-8"?>
<User Key="00000017-0000-0000-0000-000000000000" Alias="email@email.com<">
  <Info>
    <Comments />
    <Name>Name</Name>
    <Username>email@email.com</Username>
    <Email>email@email.com</Email>
    <EmailConfirmed />
    <FailedAttempts>0</FailedAttempts>
    <Approved>true</Approved>
    <LockedOut>false</LockedOut>
    <Language>en-US</Language>
    <RawPassword>hashed-password-from-umbraco-8</RawPassword>
  </Info>
  <Groups>
    <Group>
      <Alias>admin</Alias>
    </Group>
  </Groups>
</User>

Cool, - So if i can work out a way of knowing this came from v8 i can set that in people edition and it might 'just' work' 🙂

We do put the algo in the users table I believe so you should be able to differentiate the algorithms (instead of just the version of Umbraco).

@Kevin Jump instead of the knowing what version you can from, maybe you could grab some info from machine config when exporting the users? This has the validation / encryption info that seems to be needed for the newer install. From our V8 ''' '''

Yes, potentially. but with Umbraco 8 only having 5 days left to live, i'm not super keen on updating our v8 code 🙂