| Bug #35336 | GetPassword() return wrong password (when format is encrypted) | | |
|---|---|---|---|
| Submitted: | 17 Mar 2008 13:29 | Modified: | 16 May 2008 13:18 |
| Reporter: | Andrey Yusupov | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | Connector / NET | Severity: | S2 (Serious) |
| Version: | 5.2.1, 5.1.5 | OS: | Windows |
| Assigned to: | | CPU Architecture: | Any |
| Tags: | EncodePassword, GetPassword | | |

[26 Mar 2008 17:21]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/44469
[26 Mar 2008 17:21]
Reggie Burnett
Fixed in 5.2.2
[16 May 2008 13:18]
MC Brown
A note has been added to the 5.2.2 changelog: When using encrypted passwords, the GetPassword() function would return the wrong string.

Description:

MySQLMembershipProvider: GetPassword() returns the wrong password (when format is "encrypted"), because EncodePassword() returns the wrong string when format is "encrypted".

UnEncodePassword() returns DecryptPassword(Convert.FromBase64String(password)) for format encrypted ("password"!!!!!).

EncodePassword() returns Convert.ToBase64String(EncryptPassword(keyedBytes)), where keyedBytes(!!!!!) is:

```csharp
byte[] passwordBytes = Encoding.Unicode.GetBytes(password);
byte[] keyBytes = Convert.FromBase64String(passwordKey);
byte[] keyedBytes = new byte[passwordBytes.Length + keyBytes.Length];
Array.Copy(keyBytes, keyedBytes, keyBytes.Length);
Array.Copy(passwordBytes, 0, keyedBytes, keyBytes.Length, passwordBytes.Length);
```

How to repeat:

1. Set for MySQLMembershipProvider: passwordFormat="encrypted" enablePasswordRetrieval="true" requiresQuestionAndAnswer="false"
2. Create user, remember his password (example, "pass")
3. User.GetPassword()
4. Compare: "pass" != "??????????pass" (?????????? - other symbols)

Suggested fix:

```csharp
private string EncodePassword(string password, string passwordKey, MembershipPasswordFormat format)

// Current code. Why "keyedBytes"???
if (format == MembershipPasswordFormat.Encrypted)
{
    byte[] encryptedBytes = EncryptPassword(keyedBytes);
    return Convert.ToBase64String(encryptedBytes);
}

// Suggested code. May be "passwordBytes"?
if (format == MembershipPasswordFormat.Encrypted)
{
    byte[] encryptedBytes = EncryptPassword(passwordBytes);
    return Convert.ToBase64String(encryptedBytes);
}
```
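
The round-trip mismatch described in this report, reproduced as an added example (not the Connector/NET source). Assumptions: AES stands in for the provider's EncryptPassword()/DecryptPassword(), UnEncode() turns the decrypted bytes into a string with Encoding.Unicode, the 16-byte key is constructed, and the names EncodeReported, EncodeSuggested and UnEncode are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class EncryptedFormatRoundTrip
{
    // Assumption: AES stands in for the provider's EncryptPassword()/DecryptPassword().
    // One Aes instance keeps a fixed random key and IV, which is enough for a round-trip demo.
    static readonly Aes Cipher = Aes.Create();

    static byte[] EncryptPassword(byte[] data)
    {
        using var enc = Cipher.CreateEncryptor();
        return enc.TransformFinalBlock(data, 0, data.Length);
    }

    static byte[] DecryptPassword(byte[] data)
    {
        using var dec = Cipher.CreateDecryptor();
        return dec.TransformFinalBlock(data, 0, data.Length);
    }

    // Encoding as quoted in the report: key bytes are prepended, then everything is encrypted.
    static string EncodeReported(string password, string passwordKey)
    {
        byte[] passwordBytes = Encoding.Unicode.GetBytes(password);
        byte[] keyBytes = Convert.FromBase64String(passwordKey);
        byte[] keyedBytes = new byte[passwordBytes.Length + keyBytes.Length];
        Array.Copy(keyBytes, keyedBytes, keyBytes.Length);
        Array.Copy(passwordBytes, 0, keyedBytes, keyBytes.Length, passwordBytes.Length);
        return Convert.ToBase64String(EncryptPassword(keyedBytes));
    }

    // Encoding per the reporter's suggested fix: only the password bytes are encrypted.
    static string EncodeSuggested(string password) =>
        Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));

    // Decoding as quoted in the report: decrypt and return everything (Unicode decoding assumed).
    static string UnEncode(string stored) =>
        Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(stored)));

    static void Main()
    {
        // Constructed 16-byte key, base64-encoded the way passwordKey is passed in the report.
        string passwordKey = Convert.ToBase64String(Encoding.ASCII.GetBytes("constructed-key!"));
        string reported = UnEncode(EncodeReported("pass", passwordKey));
        string suggested = UnEncode(EncodeSuggested("pass"));
        bool reportedOk = reported == "pass", suggestedOk = suggested == "pass";
        bool keyLeadsPassword = reported.EndsWith("pass", StringComparison.Ordinal);
        Console.WriteLine($"reported:  roundTrips={reportedOk} length={reported.Length} endsWithPass={keyLeadsPassword}");
        Console.WriteLine($"suggested: roundTrips={suggestedOk} length={suggested.Length}");
    }
}
```

The same pair of calls works as a regression check for any encode/decode pair on a reversible password format: the decoded value must equal the original string exactly, not merely end with it.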