C# - How To Force The User To Change His Password After First Login
Mar 12, 2011
I want to force the user to change his password after his first login. Now, where should I put the redirection code to ChangePassword page ?
If I put it in the Page_Load of Default page, user can move to any page because he is Authenticated. If I put it in the Page_Load of Master page, the ChangePassword page uses the same master page, and it'll enter in an infinit loop of redirections.
I though of ignoring the redirection if the Page is the ChagePassword page from the Master page, and I found this answer which says:
This sounds like a bad idea to start with. The idea of the master is that it shouldn't care what page is there as this is all common code for each page.
But the problem occurs when user use automatic login and then he change his password. In some site, I see it will force you to re-login when you change password. It's quite easy for forcing current page to log out and re-login again.
But I don't find any nice idea for forcing other auto-login cookie in other browser to login again. I have some quite ugly idea for doing that but I don't like it.
Keep latest change password date in user data.
Put it in authentication cookie like the following code.
I'm using the ChangePassword method of membership provider to change the password and one of the requirement before calling the ChangePassword is to retrieve the current password. But I'm getting error:
I have a problem when user changes the password using the Account Membership implementation from ASP.NET MVC.
I'm creating users from ASP.NET Configuration tool at Visual Studio. Thats works fine. But when my users changes password using the published site, the login process fail, when try to authenticate using new or old password, either.
Have any workaround that I'm forgot to implemento to avoid this?
I'm using the ChangePassword method of membership provider to change the password and one of the requirement before calling the changepassword is to retrieve the current password. But I'm getting error:padding is invalid and cannot be removedbelow is my web.config:
I am working on an application that uses windows authentication. Within this application, we give the user the ability to change their password. The user can change the password just fine. However, after they change their password, that is when things get weird. Sometimes they can navigate through the application just fine. Other times, they click on a link and are immediately prompted to supply credentials. Occasionly they can click on a link but upon a second click they are prompted to supply credentials. Does the browser keep a token to the original credentials and use this when they request the next page? If this is the case, why can i continue using the site sometimes? Can I change the password and then assign that token to the request?
I was wondering how I would go about changing a users password in ASPNETDB? There are some stored procedure I've been playing around with such as dbo.aspnet_Membership_setpassword and resetpassword but I've managed to corrupt the login password for my user as now I cannot login anymore (gives wrong username or password message in my webform login screen).Any ideas how I can successfully change my password from the ASPNETDB / stored procedure ?
iam using asp.net2.0 with c# with backend sql server 2000.in my database some user dosent have password (null) and some user having password .when iam checking the user it is giving message invalid user or password.
am working on a new site and i want to do tothings for security1. I want to encrypt the password of the user who register on my site and also decrypt it to enable him in login again.2. I will make an online exams so I want to disable the user functions to hack the exams materials such as (print page, print screen , or even selecting data manual by mouse )I googled a lot about this matter I found java scripts to make this but what about the users who will disable scripts on their browsers. So I want to do this with C# Code.
I am struggling to login into my web portal on my new sony vaio laptop. I think that I need to do some settings, or download some plugin. Infact I don't know what to do, as I have spent many hours trying to login, but no success. Below is my office website:[URL]When I enter my credentials and click login, the web page gets refreshed, i.e username and password get erased, rather than taking me into my web-portal. The laptop is having windows 7 home premium, with ie8. I have also tried installing firefox, chrome, opera and safari, but same problem.
as sony has refused to take the laptop back and they are saying that there is problem with website. Similarly, website staff are saying that there is a problem with the laptop and not with the website.
I have created a test user/password on my web site. The intent is to have prospective clients login and try out the tool. Instead of telling them the userid/password of the test user, I'd like to tweak the Login wizard.
In the Load event, I was able to specify login1.UserName = "test user"
But when I try to specify the password, I'm told it is a readonly field. How can I 'force' a specific password? Or, how can I call the login event directly and pass the needed values?