1. In the asp.net configuration tool I can create a user without a problem. When I enter the password it performs some validation on it and if I've not entered a reasonably strong password it gives me an error saying "the minimum password length is 7 characters and must contain at least 1 non-alphanumeric character." I've got no problem with this and I don't want to get side-tracked into the merits of password security. Is it possible to change this validation so that it accepts anything I enter? Surely, as weak as it is if I wanted to enter "password" I should be allowed to? Perhaps you can't change it which is fine but if you can how would you go about it?2. If I add an asp change password control to a page I was sort of hoping I might be able to override any global setting (1 above) and find a property that would let me set the pattern at run time? I can't but maybe there is a way to do it in code?
I am developing a shopping cart with asp.net and sqlexpress. I am using aspnet authentication components to create a backend page. I designed the site to let in only authorized users in.
Yesterday, I forget my password to login to backend and asked system recover my password. with recover password of the asp.net I was able to receive the temp password. I took that and logged in, of course asp.net forward me to password change component which I am having problem with.
Every time I change my password , password change shows that I was successfull but after clicking on the continiue button password change component comes back. I went to properties of password change component and entered the main default page as destination but it is not helping.
I close the IE clear the cache , even restart the machine. When I login always taking me to the password change page.
i need a regular expression validator for password that should not allow some of the special characters like % ' " ; *. give me the expression such that it should allow special characters except the above and a numeric a capital letter and a small letter ...
I have an application with a custom mebership (I'm still working on it). There is some funcionality in the application for asociating users. This means that (if already associated) one user could switch to some other user with just a click.
My question is:
Can I do a function that would allow me to authenticate one user without sending the password as a parameter?
I'm using the ChangePassword method of membership provider to change the password and one of the requirement before calling the changepassword is to retrieve the current password. But I'm getting error:padding is invalid and cannot be removedbelow is my web.config:
I got a problem here and i desperately need your helps through this.Ok,i use Change Password control to allow user to change their password.I use administrative tool to setting their username and password.When i run my project and clicks on Change Password button,i got below error:"Password incorrect or New Password invalid. New Password length minimum: 6. Non-alphanumeric characters required: 0."It means,change password attempt is unsuccessful.Why this happen?
some links or guides on how to use Change Password control in asp.net?I already succeed implemented the login control in my application.And now i want to put change password control in my application so that the user can change their password accordingly.How can i do this using asp.net?
I have created login page(login.aspx) using login cotrol, now my lead asked me to provide an option "Change Password" so that end-user can change his password any time.I have created different form named as ChangePassword if you click lableChangePassword on login.aspx page a pop-up window appears with changepassword control.how can i make this work using same(login) table. i searched around for code around i did not find.I used this link to create login page
I am designing a website (ASP.NET in VB) and I'd like it to have the following features: to generate a random string to be used as a password. This bit I should be able to manage, the bit I don't have a clue on is how I can pass this to a Windows machine (on a workgroup not AD) to change a user's account password.
Using windows Authentication... is it possible to progrematically change a password?
I tried using several ways to do this. I tried using the ChangePassword control. This tells me that minimun characters is 7 even though I have more then 7 characters... I also tried using this method:
[Code]....
The user is always null... and I am assuming this is because this object is indended to use with Forms authentication.
All I want to do is have an option for users to change passwords. Is this possible with Windows Authentication?
I Use Asp.Net Change Password Control.I want to make shure that new Passord won't be the sae as Old Password.Is ChangingPassword Event Using for this process?How Could I Compare NEw Password Which is ClearType with Hashed Password which Saved In DB.Note:I Use ASP.Net Builtin Membership.
I have this code for changing a user's password when they click the password reset button (with extra code to log to ELMAH so I can try to figure out what is going wrong).
This is in ASP.NET MVC 2, using the standard aspnet membership provider, with a simple View like this:
New Password: ______ Confirm Password: ______ [Reset] [Cancel]
The route to this view is `/Account/Reset/guid`, where guid is the user's id in the aspnet membership database.
The key portion of the code is where it calls `user.ChangePassword()`. You can see that it logs a message when successful. The problem is that for some users, the success message is logged, but they can not log in with the new password. For other users it logs the success message and they can log in.
if (user.ChangePassword(pwd, confirmPassword)) { ErrorSignal.FromCurrentContext().Raise( new Exception("ResetPassword - changed successfully!")); return Json(new { Msg = "You have reset your password successfully." }, JsonRequestBehavior.AllowGet); }
The full code listing is:
[Code]....
Edit: Adding a bounty to try to get this solved. This is one of the most annoying problems on my issue list, and I have no idea how to proceed.
I've change it to passwordStrengthRegularExpression="^(?=.{8,15}$)(?=.*[0-9])(?=.*[A-Z]).*" however it still keeps coming up telling me that I need at least 7 characters and one nonAlphaNumberic... I looked at my machine config and made some adjustments there so that
minRequiredPasswordLength="" minRequiredNonalphanumericCharacters="" were blank
I have an edit profile form for my website, and I'm adding a section at the bottom of the page where the user will be able to update his password (in addition to editing his profile). Basically, I have 3 Textboxes: current_password (the current password) , change_password (the new password), verify_password (confim the new password).
[Code]....
I'm trying to write basic validators for such a form, which I'm having trouble with and could use soem help on. For instance, I'm trying to write a validator: 1) that checks whether the value of the currentPWD and changePWD. If currentPWD is empty and changePWD is not, then the validator needs to signal to the user that a value for currentPWD is needed. This is my validator but it's not working:
[Code]....
I noticed that the custom validator is declared before the Textbox "change_password" is.. I'm not sure if this could be the issue..
I have converted the change password control to a template. It is inside an update panel. After changing the password the confirm button takes the user to the success step by updating the update panel. Then by clicking the OK button, I would like to reset the password changer to its initial state so that the user can change the password again. Right now I am not sure how this is done and the control simply remains at the second step, telling the user "password has been changed" . User can press OK. What must I write in the OK button click event to reset the password control to its original state?
I have written a javascript code for handling the password functionality. The scenario is: when user wants to change the old password, he cannot fill the same old password again. I have written the code. But even the simple alert of blank textbox is not working. See the code for reference:
Javascript code:-
<script type="text/javascript"> function ltrim(str) { var reg reg = /^s+/g return str.replace(reg, "") } function rtrim(str) {
Does anyone has a solution (sample code) for the following features:
Create a randomGuid/Cryptographically strong random number Send a unique URL containing the random number to the user's email address When confirmed, the user is asked to change password
My provider is currently parametrized this way:
[code]....
The security issues with this type of procedure have been discussed here before.
I'm using the ChangePassword method of membership provider to change the password and one of the requirement before calling the ChangePassword is to retrieve the current password. But I'm getting error:
I have create a masterpage and add content page include user (firsname,lastname,password,new password,confirm new password adn etc..)detail update field. i try to give a client side validation all the function work,but in confirm password its not hide wen give a correct password.. anybody give correct solution..code are below..
