MVC :: Allow The User To Reset Their Password?
Mar 23, 2010How do you allow the user to reset their password if they have forgotten it and have the new password sent to their email address?
View 2 RepliesHow do you allow the user to reset their password if they have forgotten it and have the new password sent to their email address?
View 2 Repliesi am working on membership concepts in asp.net. Now i want to reset new password and getpassword for specific user.
this is my web.config code:
[code]....
Is there a way to reset a user's password while logged in as an administrator? I just had to delete a user and re-create him in order to achieve the same affect of resetting his password, so I'm wondering if there is a better way to reset a password.
View 1 RepliesI am working on membership concepts in asp.net. Now i want to reset new password and getpassword for specific user.
this is my web.config code:
<add name="MySqlMembershipProvider" connectionStringName="SQL2005DB380ConnectionString" applicationName="MyAppName" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Encrypted" enablePasswordReset="true" minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
How can I get old password and reset new password.
ser enters email addressafter submit, an email is sent to the user The email will include a link that will take the user to a reset password page.Now, how do I fetch user's ID based on the email address and encrypt it? Then what should link be? Like, what I want is fetch the User ID then encrypt it somehow so that the link doesn't contain the actual ID and that link will take the user to a page that will have textboxes to reset the password. I am just confused how to go about it.Also is this the secure way? To reset a password like this?
View 2 RepliesI am creating a website for reset the password in one of the application from the back end.
I have created a webpage with only one button called "RESET".
If user click the button, it should check the user have already access the application from the "USER" table. If no access, the message appears "You do not have an access."
If yes, next step whether the user have authenticate. If yes update the encrypted password from new table called "UMRESET" to the application table "USER" password.
I have an Intranet web site that uses Windows Authentication and when a users password expires the do not get a prompt letting them reset it. We also have OWA and if they go there to check mail, it sends them to a page which allows them to reset it there. How can I trap for expired passwords and allow them to change it like they can with OWA?
View 1 RepliesDoes anyone has a solution (sample code) for the following features:
Create a randomGuid/Cryptographically strong random number Send a unique URL containing the random number to the user's email address When confirmed, the user is asked to change password
My provider is currently parametrized this way:
[code]....
The security issues with this type of procedure have been discussed here before.
When a user that has their IE set to save passwords hits my "Reset Password" form, the first text box set with TextMode set to "Password" is populated with the users saved password. Understandable, this is not the affect I would like as this is their "old" password. I cannot set the text of a text box with mode set to "Password" (naturally). Does someone know how to suppress or clear this value when IE is saving passwords?
View 4 RepliesI am using membership control in my webapplication.On reseting password, i want control should generate password such that i can define the length of the password.
View 5 RepliesI have created a small asp.net application that allows users to reset their passwords. I am able to retrieve that last time the password was reset from the Directory Searcher object, but I'm having trouble with checking the timespan since the last password reset. The users can reset their passwords again after 24 hours have passed, otherwise they well get an error stating that they are not able to update their password at this time. Any recommendations on how to best go about doing this?
string passwordLastSet = string.Empty;
passwordLastSet = DateTime.FromFileTime((Int64)(result.Properties["PwdLastSet"][0])).ToString();
I have an xml file stored in local folder which has login credentials.
Now in Login page..There's a Forget Password button. So when user clicks forget password he gets redirected to Resetpassword.aspx page. Here I have to reset the password based on username, email and security question. May I know how to reset the password from xml file. I am a new to xml.
I have a small requirement i.e if any user forgot the passwordhe would like to reset the password by contacting an admin or mailing. Now if the admin logged in he will check for the user name if the user name matches i would like to send a mail to that user by resetting the password
View 2 RepliesI am using PasswordRecovery to reset a password and email it to the user.
I am sending an email programmatically with PasswordRecovery1_SendingMail.
In this sub, how do I get the new reset password to include it in the email?
We are using Ultramain(DB: Oracle 10g and Language: Progress) as a MRO application for aircraft health check. Ultramain has more than 3000 users and using this application around the world. Users are forgetting the password frequently and we are getting the mail minimum 10 password reset from the user. I have planned to create a website for reset the password themselves if user valid. Only one button in the website called "RESET". If user click the reset button, it should check the user have already access using the table called "USER". If users have access, it should check the user authentication. If users does have access, the message appears "You do not have an access". If authentication success,update thepassword from the table "RESETPWD" to application table "USER".
Table:
USER --- application user table
User_ID
User_name Password
12345 Nihar ahlnhTczpihljbIn
Table:
RESETPWD ---- temp table for encrypt and decrypt password.
Encrypt
Decrypt
ahlnhTczpihljbIn 1234
I'm using the built-in membership in my ASP.NET Web Forms 4 app.
I'm also using the PasswordRecovery control for handling users who have forgotten their passwords. Before I reinvent the wheel, I've decided to post this question.
As one can imagine, in most cases, people give it a few tries before requesting a password change. Of course in the process, they lock out their accounts. The problem is that password recovery does not work for locked out accounts.
How do I first unlock the account if I'm using PasswordRecovery control?
I'm looking for guidence on writing a custom password reset UI, but it must fit the Provider 'Pattern', or degrade silently to built-in defaults. E.g. my Reset Control must collect extra information, and perform differently to the standard Password Recovery Control. It must close as possible use the standard MembershipProvider interface for standard functions, and only use an extended interface for the non-standard stuff.I'd like some reading on issues such as, what must I ask the Membership Provider for, and what must I do myself. What must I tell the provider (service?) about what I do?
View 1 RepliesI have written a simple jQuery dialog box that will appear in an asp panel if the logged in user has not reset their password in the last 90 days. This is working great, however when the user types in their password and presses submit to insert the new password into the database, the parent page is posting back before the click event is fired on the user control.
Here is how it is set up:
default.aspx
<asp:Panel ID="pnlTest" runat="server" Visible="false">
<div id="dialog" title="Password must be reset">
<cms:ResetPassword runat="server" ID="reset" />
[Code]....
Whenever I click the button to change the password, the default page is calling a postback and it is blanking out the text that was input to change the password, so when the click function gets called the strings come through as "" and it throws an error.
ive a simple webform where a checkbox enable the send button, this check is used for disclaimer agreement and has autopostback set to true; when a user insert all the required data to register, including his password and the check is clicked the password fields are reset to null because of the postback, i need to leave the check at the bottom of my module and consecuently the users most likely select it as last control.
View 4 RepliesI have a Username and Password field on webform and a Submit button.Username ia validated through database on button click.Each time when i click on submit button and if Username already exist then my password gets to be removed due to postback.Please give me some solution so that when i just defocus my username field it will automatically check and display message if it exists.Please donot give Textbox ontextchanged event with update panel in conditional update mode because it will not work for me because i am using devexpress tools on my webforms.
View 1 RepliesI want to get code for reset password based on passwordquestion and passwordanswer in membership.
View 1 RepliesI have converted the change password control to a template. It is inside an update panel. After changing the password the confirm button takes the user to the success step by updating the update panel. Then by clicking the OK button, I would like to reset the password changer to its initial state so that the user can change the password again. Right now I am not sure how this is done and the control simply remains at the second step, telling the user "password has been changed" . User can press OK. What must I write in the OK button click event to reset the password control to its original state?
View 3 RepliesI'm dealing with a scenario where a legitimate user doesn't have a clue about his password, secret question or the answer. So, I was trying to create an admin tool that would help me in situations like these where the admin should be able to type in username and reset the password without having to know/enter answer to secret question. I understand that I need to make some changes to the web.config for this to work. I thought I made all the changes but my ResetPassword() requests are still not working.
Here's my web.config settings for the provider.
[Code]....
URL.... Still there will be need of url in ajax method if i put javascript in site.master.cs . As what i have understood from that mysite.master.cs will be like this :
protected void Page_Load(object sender, EventArgs e) {
try {
if (Session["Prefix"].ToString().Trim() == "sys_admin") {
UserNameMasterLabel.Text = Session["UserName"].ToString().Trim() + " (ADMIN)";
[code]....
And site.master will be like this :
And I have to put next method in DailyLog.aspx page ? like this
System.Web.Services.WebMethod(EnableSession = true)]
public static int RefreshSession() {
HttpContext.Current.Session["Name"] = "BSD";
Configuration config = WebConfigurationManager.OpenWebConfiguration("~/Web.Config");
SessionStateSection section = (SessionStateSection)config.GetSection("system.web/sessionState");
int timeout = (int)section.Timeout.TotalMinutes * 1000 * 60;
return timeout;
}
But I have several pages in my website , by doing the above story will it work for Builder.aspx ? or any other page rather than dailylog.aspx ?
My company has some unique password policies (such as a pwd cannot be re-used for 6 months, aside from the must include #, special character, upper & lower case)Can anyone suggest how to go about ensuring that a new user's password complies with these policies (using forms authentication in .net 3.5 framework)?
View 2 Replies