Moving from .NET 3.5 to .NET 4.0

There are lot of the projects using Membership Providers (for authentication and authorization). The user data (user info, password, roles etc) was created using the code using .NET 3.5.

Recently I wanted to start using .NET 4.0. All of a sudden my users complained about not able to login. When I did the root cause analysis, I found out the default algorithm used for hashing passwords was changed from 'SHA1'.

In order to make things work, I had to explicitly specify 'SHA1'.