I am new to asp.net 4.0 and I am having a hard time changing the PasswordRecovery to email instead of username. here is my aspx page (the page won't hit the vb code unless i enter the username not the email)
[Code]....
Is it possible to create a passwordRecovery by the email address instead of the username? A lot of our members forgot their username.
View 1 RepliesI have a PasswordRecovery control set up on an ascx control as shown below. In some cases users have gotten two emails with different passwords sent at the same time. They're insistent that they haven't hit the button twice. I am using the CSSFriendly adapters, so I can take that off and see if it corrects the problem. Otherwise I suppose I could put this on the aspx page rather than a control.
<asp:PasswordRecovery ID="PasswordRecovery1" runat="server"
Is it possible to use the PasswordRecovery control to recover a password using the email address instead of the user name?
Ideally I'd like to have the PasswordRecovery control allow users to enter their email address instead of their user name and then proceed to answer the security question.
I'm working on a project in VS 2010 that was created in VS 2005 & 2008. I am using the standard PasswordRecovery control. When a goes through the password recovery process, everything appears to be normal. They enter their user name, have to answer the security question, then the "Your password has been sent to you" message is displayed. But, the email is never received. I have tried user names with several different email addresses, but no messages are received. What is a good way to debug this? Here are my settings:
In web.config:
<appSettings>
<!-- The following line is set up for Gmail (otherwise, value="localhost") -->
<add key="MailServer" value="[URL]"/>...
Membership Provider:
<providers><add name="CustomizedMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SiteConnection" applicationName="/" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"/></providers>...
Also, all of the other emails generated from my site are being sent and received successfully.
I have a password recovery control on my login page. I want to have it send the user specified (and after question/answer filled out correctly) password in an email. I keep throwing an error though, saying that the SMTP needs authentication. I've used a lot of email capabilities in my application, but I set all the SmtpClient properties programmatically, so I never had to rely on system.net mailSettings section of the web.config file. But now I am relying on it, because I am not intercepting any events (unless that would be easiest) of the password recovery control. Here is my system.net excerpt from my web.config file:
[Code]....
What am I not doing here to specify SMTP authentication? Why am I throwing this error? I'm putting my credentials in there with username and password. Am I not configuring the PasswordRecovery control correctly?
I'm using asp.net's built-in membership provider with security question-and-answer enabled for password recovery against a SQL Server 2005 db. For some users, this works fine and they're able to receive their passwords. For others, and it's not clear what separates the two groups, the security answer is never properly processed. It doesn't matter if the answer is correct or incorrect, the page merely reloads without confirming or denying the request.As for events, VerifyingAnswer is being triggered, but not AnswerLookupError (if answer is incorrect) or SendingMail (if answer is correct). I ran a SQL trace during one instance, and the aspnet_Membership_GetUserByName stored procedure is being called, but nothing else gets called after. I would expect that aspnet_Membership_GetPassword would be called, which passes the security answer as a parameter, but it isn't.
View 2 RepliesI have asked the following question multiple times but did not receive any proper reply.
I have a web page which is using PasswordRecovery control.
Its working fine but I have a scenario in which I have to disable Viewstate for the whole application.
Now after disabling viewstate when I visit the webpage I have noticed that PasswordRecovery controls is not working (Every times when I submit the default button to go to step 2, the postback occur but not moving to step 2).
I'm customizing the look and feel of the PasswordRecovery control. The problem is this. I've already set the "Search" button on my site as the default button. I've noticed that all the buttons used in customizing PasswordRecovery use "Button" as their IDs. So in my Page_Load() event, I tried this.Form.DefaultButton = pr1.FindControl("Button").UniqueID; where pr1 is the PasswordRecovery control. But I keep getting "Object reference not set to an instance of an object" error where I try to set Button as the default button.How do I make sure that the user can actually hit "Enter" to use PasswordRecovery as opposed to having to click the buttons?
View 4 RepliesI've build a PasswordRecovery, but it always returns this error code. What is wrong?
The aspx code:
[Code]....
I don't use any code behind, maybe i sould do? but what, it should work without any coding? The txt file:
Bij deze ontvangt u uw nieuwe wachtwoord:<br><br>
Gebruikersnaam: <% UserName %><br>
Wachtwoord: <% Password %><br><br>
Met vriendelijke groeten
I am sending an email for forgot password to the user. i have formatted the body text of Email but when i have checked that email, it is coming without any formatting.
here is the formatting code which i am sending as a string.....
[Code]....
how to make this work (I assume that no code behind is needed to make this work in its simplest form?).After user correctly answers the security question and presses submit, no email is sent. No message is displayed. Nothing. What is missing?
For reasons to long to go in to I have to change the behaviour/appearance of the Success page on our password recovery page.
We've been tasked with making the Success template identical to the UserName template i.e. with a label and text box for UserName and identical messages on both pages.
Basically our client wants no difference between successful password retireval and failure - the same message will display regardless e.g. "An email has been sent to <username> with your password."
Which reminds me - in the success/failure message they'd like the entered UserName to appear but I can only get it to appear if it's a valid username - if it's nonsense the UserName is blank.
I am using passwordrecovery control.
After entering username and keying enter key(from keyboard) it was not firing submitbutton_click event. So i have added defaultbutton property in the panel control, and it is working fine. And my problem here is..
Clicking on submit button it is showing security question. After answering the security question, i have to click on the submit button either by mouse click or tab enter.
What i need to do is.. after answering the security question, I should be able to hit enter key instead of mouse clicking on submit button.
I have a web page which is using PasswordRecovery control.
But I have a scenario in which I have to disable Viewstate for the whole application.
Now after disabling viewstate when I visit the webpage I have noticed that PasswordRecovery controls is not working (Every times when I submit the default button to go to step 2, the postback occur but not moving to step 2).
Is there any easy way of setting a failure text within the PasswordRecovery control?
I want to be able to notify users that there was a problem with sending an email. Is there a failure - counterpart to the SuccessTemplate i can use or is there any other template/control within the passwordRecovery control whose value can be set in a handler to the onsendmailerror event?
(Please don't send MSDN links to PasswordRecovery or onsendmailerror, i've read them)
i have a database query getting the email address of the user how can i put the email address of a user and code it here...
source code:
MailMessage msg = new MailMessage("usermail@abc.com", "#####@#####.com", "Mail Subject", "Mail Message");
I use master/content page and use this code (below) for validation, if I place the PasswordRecovery outside LoginView the validation is marked up correctly, but placed back inside the LoginView the PasswordRecovery compilation error is CS0103: The name 'PasswordRecovery1' does not exist in the current context.
[code]....
I have an update that changes user profile informationI have pulled the membership email in and can view the email in my table but it will not update the email when I change it.When I debug this code it seems to work fine and I beleive it was working before but suddenly stopped.I should add that I have created my own profile table and have had no problems updating all other information.Even adding the ability to update the membership password.here is my code for the update of the email:
[Code]....
Has anyone had a similar problem?I am not sure why it is not working
I am using the Login control to create a new user. I have it where if the user adds and email address, then this automatically popuplates the username textbox with the email address. I want it where if they don't have an email address then the user can just create their own username instead.
But what happens is if they create a username, but the leave the email blank, a defined error message appears saying that an email must be provided. In the login control properties I have set the property
RequireEmail to False but the message is still appearing.
Can anyone help me find out why the email is always required? I do have custom validators for other parts of the login, but have no validation set anywhere for the email.
Having spent considerable amount of time in ASP.NET security community I would like to share this.
There are three ways of resetting and changing passwords explained at
Microsoft ASP.NET site[URL]
Step 1: Helping Users Recover Lost Passwords
Step 2: Changing Passwords
Step 3: Allowing Administrators to Change Users' Passwords
In step 1 and step 2 end user passwords are sent by an email.
In Step 3: functionality is explained where administror changing the password and sending through email msg. refer "I encourage those readers interested in this functionality to become more familiar with the code and try extending the functionality to include sending an email to the user whose password was changed. Query
Is Sending passwords by emial secure enough or best security password at all? I have implemented functionality where Admin sending passwords to end users by changing once in 3 months. End users expressed their views that sending passwords by email is not secure. When there is security threat in sending passwords by email, Microsoft security experts should not emailing passwords in above mentioned article, which is still up to date.
User1 logs in with "User1" as UserName with his password. After it, he fills some form and clicks on SAVE button. After it record saves successfully, but in LoginName control shows some another user name who already logs in, on another machine. [I have number of users]
I checked the web.config file.. The access permissions are defined properly... then what is the reason of it? Everytime User name is changing randonly. So that I am unable to genrate reports.
can I change the password algorithm and still use the sqlMembershipProvider or do I have to create a new sqlMembershipProvider. If so, are they any step by step tutorials on how to do that.
View 1 Replieswell i have a simple application using an authentication (user and password) before accessing and there are several roles bound to each user.
in my web.config i have configured the acces for each page according to each role, this is an example below:
[Code]....
and i have 2 users:
1: admin (default role: administrator)
2: guest (default role: role1)
my problem is as follows:
if i give acces to the user "guest" to open the "admin.aspx" page with changin him his role from "role1" to "administrator", this one do not function except if i recharge the web.config file to the server it's just after this manipulation that this user "guest" arrives to open the page "admin.aspx".
i don't know why this problem occurs, normally changing the user role will applies instantaneously.
we want to have a fronend to a custom databasince, since I do have experiance with HTML/CSS and have used VB.NET before, I'm the one that gets to make it.
problem is, the one thing I have not used before is the autentication system in ASP.NET, I want to use single-signon for the system.
and I do have this right now, the only problem I have is how do I check if a user is logged in, and change the page content for autenticated users.
the template does have this:
[Code]....
which does indeed change the login view, problem is, how do I change this to change the pages and menu.this:
[Code]....
has to be a longer menu that also gives options to insert data into the database and/or remove/update the data.