I'm working on an ASP.NET 2.0 project that I would like to use the ASP.NET Login Controls with. My problem is that my system includes a smart client. The smart client needs to download the aspnet_users and aspnet_membership table with the user information to a local database because users will need to be able to log in while the smart client is not connected to the Internet. My question is, how can I authenticate against the downloaded user tables? The password column seems to be either encrypted or hashed. So, how can I match it up against the password entered from the login form on the smart client?
You have to manually generate the encryption and decryption keys in ASP.NET 2.0's machine.config file. Each computer needs the exact same encryption and decryption keys in its machine config file (normally each would be randomly generated and unique). They use this technique in web farm scenarios. Here is a link that should get you going.