I am trying to use the asp.net contol recover password in my web page I cna load the page and enter the username and answer to the question fine but when I click on the submit button I get an error message saying System.Net.Mail.SmtpException: The operation has timed out
the stack trace is
[code]....
I have only put the recover password control on the web page I havn't added any formatting or code and all the other emails I have set to send work fine so can't see why the smtp setting would be wrong for this unless I need to add some code to my page.
Is it possible to use the PasswordRecovery control to recover a password using the email address instead of the user name?
Ideally I'd like to have the PasswordRecovery control allow users to enter their email address instead of their user name and then proceed to answer the security question.
I have finally designed the school portal. I am having another challenge now. I have created the recover password page. But when it comes to clicking submit I recive error. How do code this so that the password will be sent to my members email.
When user enters their email id i how to send email to them ? whether it is good to send their password or send a link to change password? how to make the link not working after 24 hrs/1 day?
Is it possible for a user to recover their password by entering their e-mail address alone?
Right now I am using the PasswordRecovery control, and i have security questions disabled. So all the user has to do is put their User Name, and hit submit, then their password is e-mailed to them.
But, a lot of my users forget their User Name, so right below I have a User Name recover section. The user inputs their e-mail address, and their corresponding user name shows up.
I would like to simplify this and just require the user's e-mail address to provide them their user name AND password.
according to this thread i make login page URL....i have 1 label 1radiobutton and 1 send button now i want when users enter their password,if they enter their password wrong morethan 3 time it show error that they can't login during 24 hours ,and they cann't enter password in password textbox . and when they click on radio button and click on send button it send a massage to my email and after i send them new password
3) After all this, when the test user enters the correct answer to the security question, nothing happens. I don't even receive the SuccessTemplate message--much less the test email with the password.
Is the problem that the correct answer to the security question is somehow not really being registered? Is the problem server-related? What I could I be doing wrong?
I have this code for changing a user's password when they click the password reset button (with extra code to log to ELMAH so I can try to figure out what is going wrong).
This is in ASP.NET MVC 2, using the standard aspnet membership provider, with a simple View like this:
New Password: ______ Confirm Password: ______ [Reset] [Cancel]
The route to this view is `/Account/Reset/guid`, where guid is the user's id in the aspnet membership database.
The key portion of the code is where it calls `user.ChangePassword()`. You can see that it logs a message when successful. The problem is that for some users, the success message is logged, but they can not log in with the new password. For other users it logs the success message and they can log in.
if (user.ChangePassword(pwd, confirmPassword)) { ErrorSignal.FromCurrentContext().Raise( new Exception("ResetPassword - changed successfully!")); return Json(new { Msg = "You have reset your password successfully." }, JsonRequestBehavior.AllowGet); }
The full code listing is:
[Code]....
Edit: Adding a bounty to try to get this solved. This is one of the most annoying problems on my issue list, and I have no idea how to proceed.
I got the login to work fine- go to [URL]if you want to give it a try. Here is the thing. The profile functionality doesn't work. It draws from the same set of files, it used the same connection string as the users, it work on my local machine, but blows up on GoDaddy because it cannot find the file, and when it tries to create it. The file it uses for the profile, aspnet_Profiles, is on there along with the rest of the membership files. The connection string is not defined individually. Why is it finding the user files, but not the profile file.
I have written a javascript code for handling the password functionality. The scenario is: when user wants to change the old password, he cannot fill the same old password again. I have written the code. But even the simple alert of blank textbox is not working. See the code for reference:
Javascript code:-
<script type="text/javascript"> function ltrim(str) { var reg reg = /^s+/g return str.replace(reg, "") } function rtrim(str) {
Am using ASP.NET membership authentication in a small website and i just noticed some thing funny during testing. Am trying to enable user to change their login password any time they wish, i dragged a change password control to the form, i changed the password for my test account, but now all passwords are still working.
I can login with the old password as well as the new password with this particular test account. If i try with any other random characters as the new password, i cant successfully login (which OK). But if type the old password, am able to login, if i type the new password, am still able to login, am finding this very strange.
I am using Forms Authentication in a new ASP.NET 3.5 Application.I have created the Tables in my database and run the Web Site Administration Too.When I try to create a user I get a password error no matter what I throw at it and I am becoming sure of that this is a symptom of an a setup error and not a password problem.One of the things that I notice is that my aspnet_Applications is empty and I am not sure what is supposed to fill it.I have tried to delete all the aspnet tables and done the procedure again but with the same result.
I had been trying to solve this but there is a hidden key i wish someone point me to.
I had a simple membership database with users in first the Membership Provider configured for clear password to retrieve the original password .
Now a new requirement say that the password must be hashed and reset .
I configure the Membership password to hash , and Implemented the Reset Password Module.
My problem is as follow.
If the user is new registered user with the new configuration the password and the security answer is hashed.
also when I go and reset the password it continue to be hashed.
Now I thought that with new configuration if any previous user with clear text configuration , If he use the password Reset module , because my configuration now is hashed , I expected that the new password and security answer will be hashed . what happen is old user continue in clear text even if the configuration is hashed. so If I had new users everything is fine.
old users Membership Provider somehow know they had been stored in clear text and it keep change password and security answer in clear text . If I delete this user and create it , Membership Provider understand that everything will be hashed. I need to know how it know this , I need to migrate users not to delete and recreate users .
Also if there are no solution for that , I wish Microsoft Consider it in future cause it is a real user scenario, that can happen imagine a business system that related to membership user Id , deleting users and recreate them is not a solution .
I just begin creating a website for an organization. First page to be displayed in the login page. I dont have any knowledge in ASP.NET Security. On Login page, i want to display UserName field as disabled with the useralias of the user who currently logged into Windows. Password user has to provide and it should be that user's windows password.
How do i validate that password that user has entered is his windows password?
I am developing a shopping cart with asp.net and sqlexpress. I am using aspnet authentication components to create a backend page. I designed the site to let in only authorized users in.
Yesterday, I forget my password to login to backend and asked system recover my password. with recover password of the asp.net I was able to receive the temp password. I took that and logged in, of course asp.net forward me to password change component which I am having problem with.
Every time I change my password , password change shows that I was successfull but after clicking on the continiue button password change component comes back. I went to properties of password change component and entered the main default page as destination but it is not helping.
I close the IE clear the cache , even restart the machine. When I login always taking me to the password change page.
Is there a way to assign a value to the password and confirm password fields of the CreateUserWizard control programmatically when the page loads? The CreateUserWizard.Password property is read-only.
My issue today is that i have a MySQL Database and am using the security framework provided by the ASP.NET Membership and Role Providers...I override the default methods with my own MySQL.
Now the issue comes in when i someone would like to have their password reset. My application is running entirely on an Intranet so i cannot have their passwords emailed to them. Is there a way i can have this information displayed in any way so that the user can use it to Log Reset, Create Accounts or Recover their lost passwords on an intranet without the administrators intervention?
Recently i had an approach as follows. In my web.config<system.net><mailSettings><smtp deliveryMethod="pickupDirectoryLocation" and my location was a folder on C drive as c:/SavedPasswords. Now i understand this was such a big security threat and thats why i am looking for a better option.
I would have that folder created using my System.IO and then the Mail is dropped into that folder. Then after the process is successful, i tell the user to check into that location and Read its content.
Then there is a global variable that is set to true...meaning that the folder at c:/ has been created. then there is a Method in a certain class that once it sees this variable True, it reads the readers c:/ and deletes that folder "save" if it exists;
I would like to encrypt the password and store it in DB. And if user forgots the password and request for password i have to send him a dummy password to his mail id how can i implement this if any code available At the time of registration i have to encrypt or salt the password and save it to DB..
Am trying to open a .pps/.ppt file through my vb.net code.....due to secure reasons this file is password protected,
However i will not like the end user to put a password when accessing through my application.
Hence i want to pass a password as a parameter while open such a password protected file.
Here is my code.
Reference URL: http://support.microsoft.com/kb/303717/EN-US/ Dim oApp As Microsoft.Office.Interop.PowerPoint.Application Dim oPres As Microsoft.Office.Interop.PowerPoint.Presentation Dim objpresset As Microsoft.Office.Interop.PowerPoint.Presentations oPres = objpresset.Open(filename, Microsoft.Office.Core.MsoTriState.msoCTrue, Microsoft.Office.Core.MsoTriState.msoCTrue, Microsoft.Office.Core.MsoTriState.msoCTrue)
Where can i provide password while opening a ppt file...
I am getting an error incase user submits incorect security question's answer. I gave text in 'QuestionFailureText'. But its not working.
Below is the error getting. ' Security Exception Description:The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.
Source Error:
[Code]....
Source File: c:WindowsMicrosoft.NETFramework64v2.0.50727Temporary ASP.NET Filespng.webe16ed3ec284df543App_Web_rvfjstqa.5.cs Line: 0 Stack Trace:
You know if TextBoxWatermarkExtender attached to a password textbox it shows blank points instead of hints.
in conclusion, is there any working procedure for ajax or javascript code that can change textbox mode from password to singleline back and forth on focus and on exit of the password textbox hence to see the watermark ?
The users of my webapplication are validated using database connection. This requires each user is a sql server database user. While logging their validity is checking by trying to create a connection using userid and password entered by the user. If connection opens successfully, it is a valid user. I also have a page in application to change the password, where sp_password is used to updated database password.
string connectionString = ConfigurationManager.AppSettings["DBServerName"]; //try to create a new connection dynamically using user id and password connectionString = connectionString + User ID=" + userId + ";Password=" + password; using (SqlConnection connection = new SqlConnection(connectionString)) { connection.Open(); }
The problem is after i change password, and logout and try to login, i am able to login using old passwd also. The line of code which creates and open connection succeeds with both old and new password. If i stop and run the application again this works.
