
Decrypting Extranet Passwords

We are currently using the OfficeClip extranet users to define who has user access to a custom-built ASP.NET application. While I can get the authentication of the extranet user using the APIs, I would also like a "forgot password" type functionality included on the custom-built login page. The idea is simply to email the password to the registered email address.

While I can verify the userId based on the email address using the getUserIDFromEmail method in the officeclip.dbLayer.Account namespace and also grab the user details such as the encrypted password, the decryptString method (OCSecurity namespace) returns a blank when passing in the encrypted string from the OfficeClip database. How do I go about emailing them a decrypted password?

Thanks

Dan

This is because OfficeClip uses one-way encryption for creating the password. In other words, a password created in OfficeClip cannot be decrypted (for security reasons). The trick is to encrypt the incoming password using the same algorithm and then compare the two encrypted values. Here is a code snippet.

Code:


public bool ComparePassword(string email_address, string password, int organizationId)
{
    // Encrypt the password that user has entered
    string encryptedPassword = OfficeClip.Utils.OCSecurity.EncryptPassword(password);
    // Now get the password from the OfficeClip database
    int userId = (new OfficeClip.DBLayer.Account.UserDB()).GetUserIdFromEmail(email_address, true); // the last argument denotes extranet users
    OfficeClip.BusinessLayer.Account.UserInfo uInfo = (new OfficeClip.DBLayer.Account.UserInfoDB()).GetUserInfo(userId, organizationId);
    return encryptedPassword == uInfo.Password;
}

In order to send a new password to the user using the forgot password link, you will need to follow this sequence:

  1. Create a random password
  2. Encrypt the password using the call shown above
  3. Update the OfficeClip user record to save the encrypted password (use OfficeClip.DBLayer.Account.MainDB.ResetPassword(userId, EncryptedPassword)). This will also set the ResetPassword flag in the user table, which you can use to force the user to reset their password.
  4. Email the user the unencrypted password (created in step 1)

Within OfficeClip, there is an algorithm to do just that. Let me know if you need more information.
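
The four-step reset sequence from the reply above, as an added example (not part of the original posts and not OfficeClip's own code). The class and method names, the alphabet and the sample values are constructed for illustration, and the three delegates stand in for the OfficeClip and mail calls, whose exact signatures are assumed rather than taken from the page:

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

public static class ForgotPasswordExample
{
    // Constructed alphabet: look-alike characters (0/O, 1/l/I) are left out.
    private const string Alphabet = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789";

    // Step 1: draw the password from the OS CSPRNG, not System.Random.
    public static string CreateRandomPassword(int length)
    {
        if (length <= 0) throw new ArgumentOutOfRangeException("length");
        // Largest multiple of the alphabet size that fits in a byte. Bytes at or
        // above it are discarded, so every character is equally likely.
        int limit = 256 - (256 % Alphabet.Length);
        var result = new StringBuilder(length);
        var buffer = new byte[1];
        using (var rng = RandomNumberGenerator.Create())
        {
            while (result.Length < length)
            {
                rng.GetBytes(buffer);
                if (buffer[0] < limit) result.Append(Alphabet[buffer[0] % Alphabet.Length]);
            }
        }
        return result.ToString();
    }

    // Steps 2 to 4. The delegates are placeholders for the calls named in the reply.
    public static void ResetAndSend(int userId, string email,
        Func<string, string> encrypt,     // assumed: wraps OCSecurity.EncryptPassword
        Action<int, string> store,        // assumed: wraps MainDB.ResetPassword
        Action<string, string> sendMail)  // hypothetical mail helper (address, password)
    {
        string plain = CreateRandomPassword(16);
        store(userId, encrypt(plain));    // only the encrypted value is persisted
        sendMail(email, plain);           // sent only after the store succeeded
    }

    public static void Main()
    {
        // Constructed stand-ins so the example runs without OfficeClip installed.
        ResetAndSend(42, "user@example.com",
            p => "enc:" + p.Length,
            (id, enc) => Console.WriteLine("store " + id + " " + enc),
            (to, p) => Console.WriteLine("mail " + to + " (" + p.Length + " chars)"));
    }
}
```

Because the plaintext travels by email, the ResetPassword flag mentioned in step 3 is what limits its lifetime: the user is made to choose a new password once they sign in with it.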