Instantly share code, notes, and snippets.

Embed
What would you like to do?
Update Sitecore's Identity Server to use a more robust hash algorithm for .Net membership. See https://grantkillian.wordpress.com/2019/01/02/sitecore-commerce-security-hardening-note/ for more context.
$siteNamePrompt = Read-Host "enter Identity Server website name"
$site = get-website -name $siteNamePrompt
$appSettingsPath = "{0}\wwwroot\appsettings.json" -f $site.physicalPath
<# replace:
"PasswordHashAlgorithm":"SHA1"},
with:
"PasswordHashAlgorithm":"SHA512"},
#>
(Get-Content $appSettingsPath).replace("""PasswordHashAlgorithm"":""SHA1""},", """PasswordHashAlgorithm"":""SHA512""},") | Set-Content $appSettingsPath
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment