Implementing "Forgot Password" In Mvc 2.0 By Asking User Email?
Nov 4, 2010
I am implementing "Forgot Password" functionality in asp.net mvc 2.0 site.Scenario is ,If i click Forgot Password button it will go to some page and it asks the user to enter his email id.Once he entered his email-id ,then his password is retrieved from the database and send to his email id . How to send password to user email.
I want to implement a forgot-password feature in asp.net mvc that allows users to reset their password, and have some questions in this regard: Lets say that before allowing users to reset their password, I want to verify some extra information such as their first and last name. This info is not stored by default in the table created by aspnet_regsql. What is the recommended approach to address such issues?
Should I store this kind of info in a separate table, and use table joins to verify OR should i modify the schema of the table generated by aspnet_regsql (how?) so that I don't have to use joins? Do I need to write a custom provider OR would that not be necessary? I have read at places e.g. in this post that instead of emailing a temporary password, an alternative is to email a URL that when clicked allows users to change their password. How is this done? How to ensure that the URL expires after 1 hour?
After pressing forgot password ,I redirect to page having textbox for email id.When I enter mail id and click on send button I want to send the saved password from database to that mail id. How can I achieve that?
My database contains userid(not auto incremented and specific to user),mailId,password fields.My login page contains UserId nd Password and link of forgot password.
URL...how we can sending formatted email now in my Login.aspx page i have Textbox that when users forget their password they should type their Username on the textbox and after that click on send button.I want when users click on send button their user name that they type in textbox be on the email that send to me .
I have used form authentication, when i am trying to open the forgot passord page by click on link button that is on same login page. it needs authentication without authentication, i am not able to access the forgotpage.aspx
ser enters email addressafter submit, an email is sent to the user The email will include a link that will take the user to a reset password page.Now, how do I fetch user's ID based on the email address and encrypt it? Then what should link be? Like, what I want is fetch the User ID then encrypt it somehow so that the link doesn't contain the actual ID and that link will take the user to a page that will have textboxes to reset the password. I am just confused how to go about it.Also is this the secure way? To reset a password like this?
URL....I use this one as my login, and I addes hyperlink for Forgot Password. But why I can't access the FORGOT PASSWORD.aspx for every time I click it. And when I login it redirects t Forgot Password.How I can access it without logging in?