Security :: PasswordRecovery Sending Email Twice

Dec 24, 2010

I have a PasswordRecovery control set up on an ascx control as shown below. In some cases users have gotten two emails with different passwords sent at the same time. They're insistent that they haven't hit the button twice. I am using the CSSFriendly adapters, so I can take that off and see if it corrects the problem. Otherwise I suppose I could put this on the aspx page rather than a control.

<asp:PasswordRecovery ID="PasswordRecovery1" runat="server"

View 5 Replies

Similar Messages:

Security :: PasswordRecovery By Email Instead Of Username

Jun 5, 2010

Is it possible to create a passwordRecovery by the email address instead of the username? A lot of our members forgot their username.

View 1 Replies

Security :: Changing PasswordRecovery To Email

Dec 12, 2010

I am new to 4.0 and I am having a hard time changing the PasswordRecovery to email instead of username. here is my aspx page (the page won't hit the vb code unless i enter the username not the email)


View 9 Replies

Security :: Use The PasswordRecovery Control To Recover A Password Using The Email Address Instead Of The User Name?

Jan 26, 2010

Is it possible to use the PasswordRecovery control to recover a password using the email address instead of the user name?

Ideally I'd like to have the PasswordRecovery control allow users to enter their email address instead of their user name and then proceed to answer the security question.

View 3 Replies

ChangePassword And PasswordRecovery Not Sending Emails

Mar 8, 2010

I am using the ASP.NET membership provider controls (ChangePassword and PasswordRecovery) and they generally work just fine. Unfortunately they don't send any emails once the process is finished. I set up the SMTP server using the ASP.NET Configuration Website and it added the following lines to the web.config:

<smtp from="">
<network host="" password="XXXX" userName="XXXX" />

I also tried using the IP adress of the server instead of the domain. In addition to that I set the maildefinition properties on the used web controls:

<MailDefinition From=""
Subject="Your new password">

Once I finish changing or resetting the password, the controls shows the success message. It does not show any errors but the mails are not sent. I also checked the SMTP log files on the server (it's a MailEnable server) but couldn't even find an attempt to send these messages. I am using a custom email helper class which manually sends an email using the following settings:

public static void SendEmail(string from, string to, string subject, string body)
SmtpClient mailClient = new SmtpClient(ConfigReader.GetStringValue("MailServer"));
mailClient.Credentials = new NetworkCredential(ConfigReader.GetStringValue("MailUsername"),
MailMessage mailMessage = new MailMessage(from, to, subject, body);

The values for mailserver, username and password read from the config file are the same as defined in the ASP.NET configuration tool. These mails are delivered successfully.

View 2 Replies

Security :: Sending Passwords By Email Security Threat?

Nov 4, 2010

Having spent considerable amount of time in ASP.NET security community I would like to share this.

There are three ways of resetting and changing passwords explained at

Microsoft ASP.NET site[URL]

Step 1: Helping Users Recover Lost Passwords
Step 2: Changing Passwords
Step 3: Allowing Administrators to Change Users' Passwords

In step 1 and step 2 end user passwords are sent by an email.

In Step 3: functionality is explained where administror changing the password and sending through email msg. refer "I encourage those readers interested in this functionality to become more familiar with the code and try extending the functionality to include sending an email to the user whose password was changed. Query

Is Sending passwords by emial secure enough or best security password at all? I have implemented functionality where Admin sending passwords to end users by changing once in 3 months. End users expressed their views that sending passwords by email is not secure. When there is security threat in sending passwords by email, Microsoft security experts should not emailing passwords in above mentioned article, which is still up to date.

View 5 Replies

Security :: Sending A Secure Email?

Mar 11, 2010

I'm building a forgot password feature for my first secure backend.

I want to email a url containing an encrypted parameter to the user which will lead them to a password reset form that can only be accessed via the url with the encrypted parameter.

But what if the email gets intercepted?? then anyone who intercepts it will have the link to the reset page.

Is there a way I can send a secure email? I know nothing about email really. Is it even possible to send a secure email? Can I encrypt the email, will that help? But if it is encrypted then how does the recipient read it?

View 4 Replies

Security :: Sending Email For The Password Recovery?

Mar 15, 2011

I need to send an email(using SMTP) whenever the user forgets the password.....The code snippet i have is

void PasswordRecovery1_SendingMail(object
sender, MailMessageEventArgs e)
MailMessage mm =


I need to call this function whenever the user clicks the Reset button...

View 2 Replies

Security :: Sending Form Data Securely By Email?

Jan 17, 2011

I'm building a website for a client on which they want site visitors to be able to fill out a form with the relevant information along with their credit card details, and when they submit the form, the information will be sent to the client in an email. This is an experimental services that they're offering so they're not interested in real time credit card processing yet. If I just zip the collected data up into a password protected zip file, and send that in an email to the client, would it be secure? Or do I have to go further than that to secure the data?

View 1 Replies

Security :: Sending More Than One Email With Username And Link In One And Then The Password In Another?

Feb 22, 2010

I was curious how some of you are sending out an email to a new user, are you sending more then one email with username and link in one and then the password in another, are you sending everything in one email, are you sending an email to the new user at all?I'm curious because my web site is not a self registering web site, Only a supervisor can create a new user and then that user gets an email. I'm trying to figure out the best way to send the new user an email with their credentials to the site.the users are outside users (vendors) though their username is created by an internal employee

View 10 Replies

Security :: Sending Email In Asp 3.5 C Sharp / Unable To Recived The Mail?

Jul 21, 2010

I am writing the code for contactus module for DNN. But i ma unable to recived the mai. what i m missing in the code.

SmtpClient smtpClient = new SmtpClient();
MailMessage mailMsg = new MailMessage();
MailAddress fromAddress = new MailAddress("", "friend");
smtpClient.Host = "";
//smtpClient.Port = 587;
smtpClient.Port = 25;
mailMsg.From = fromAddress;
mailMsg.Subject = "test message";
mailMsg.IsBodyHtml = false;
mailMsg.Body = "hello friend";
catch (Exception ex)
// lblstatus = "sending fail" + ex.Message;

View 6 Replies

Visual Studio :: PasswordRecovery Email Never Received

Jan 18, 2010

I'm working on a project in VS 2010 that was created in VS 2005 & 2008. I am using the standard PasswordRecovery control. When a goes through the password recovery process, everything appears to be normal. They enter their user name, have to answer the security question, then the "Your password has been sent to you" message is displayed. But, the email is never received. I have tried user names with several different email addresses, but no messages are received. What is a good way to debug this? Here are my settings:

In web.config:
<!-- The following line is set up for Gmail (otherwise, value="localhost") -->
<add key="MailServer" value="[URL]"/>...

Membership Provider:
<providers><add name="CustomizedMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SiteConnection" applicationName="/" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0"/></providers>...

Also, all of the other emails generated from my site are being sent and received successfully.

View 6 Replies

Security :: Finding Tutorials For Registering And Sending An Activation Link To The User's Email Address

Feb 9, 2010

I program in vb

I was wondering if someone can direct me to a good quality tutorial on the process of registering and sending an activation link to the user's email address. I can't seem to find any useful tutorials online!

View 5 Replies

Security :: How To Stop Sending Mail When Email Format Is Wrong In Password Recovery Control

Jan 20, 2011

I want get code for how to stop sending mail when email format is wrong in password recovery control and getting error message and also how to getting error message, means how to stop that.

View 5 Replies

Web Forms :: PasswordRecovery Control - Errors Trying To Send Email

Oct 28, 2010

I have a password recovery control on my login page. I want to have it send the user specified (and after question/answer filled out correctly) password in an email. I keep throwing an error though, saying that the SMTP needs authentication. I've used a lot of email capabilities in my application, but I set all the SmtpClient properties programmatically, so I never had to rely on mailSettings section of the web.config file. But now I am relying on it, because I am not intercepting any events (unless that would be easiest) of the password recovery control. Here is my excerpt from my web.config file:


What am I not doing here to specify SMTP authentication? Why am I throwing this error? I'm putting my credentials in there with username and password. Am I not configuring the PasswordRecovery control correctly?

View 4 Replies

Security :: PasswordRecovery Not Completing Security Answer Verification?

Jul 12, 2010

I'm using's built-in membership provider with security question-and-answer enabled for password recovery against a SQL Server 2005 db. For some users, this works fine and they're able to receive their passwords. For others, and it's not clear what separates the two groups, the security answer is never properly processed. It doesn't matter if the answer is correct or incorrect, the page merely reloads without confirming or denying the request.As for events, VerifyingAnswer is being triggered, but not AnswerLookupError (if answer is incorrect) or SendingMail (if answer is correct). I ran a SQL trace during one instance, and the aspnet_Membership_GetUserByName stored procedure is being called, but nothing else gets called after. I would expect that aspnet_Membership_GetPassword would be called, which passes the security answer as a parameter, but it isn't.

View 2 Replies

Security :: Bug In PasswordRecovery Control?

Apr 5, 2010

I have asked the following question multiple times but did not receive any proper reply.

I have a web page which is using PasswordRecovery control.

Its working fine but I have a scenario in which I have to disable Viewstate for the whole application.

Now after disabling viewstate when I visit the webpage I have noticed that PasswordRecovery controls is not working (Every times when I submit the default button to go to step 2, the postback occur but not moving to step 2).

View 1 Replies

SQL Server :: Getting A Email Deliver Status When Sending Email Using Msdb.dbo.sp_send_dbmail?

Aug 24, 2010

I have set a job in sql server 2008 to send reminder emails for product expiration. Now I want a report which will specify the list of the emails sent with the email status details like queued ,sent,delivered, failed.

I can fetch the emails that are sent by querying the like following

select * from sysmail_mailitems SM inner join sysmail_profile SP on SM.Profile_Id = SP.Profile_Id
and SP.Name ='ReminderProfile'

The problem is only getting a perfect status of email whether it is delived or failed. How I can get those status ?

View 2 Replies

Visual Studio 2005 - Sending An Email To User Input Email?

Feb 23, 2011

i have an aspx page, that takes in user data (name, number & email) after that information gets submitted to me, I need to send an email to their input email, with a message of confirmation.

View 1 Replies

Web Forms :: Email Text Formatting Not Changing When Sending An Email

Jul 18, 2010

I am sending an email for forgot password to the user. i have formatted the body text of Email but when i have checked that email, it is coming without any formatting.

here is the formatting code which i am sending as a string.....

View 7 Replies

Web Forms :: Sending An Email Causes Error - Specified String Not In Email Format

Feb 12, 2010

have code on a web form -- when you hit the button "send emails", it executes this sub which reads an SQL database table and sends emails one by one -- however I get this error above -- anyway to check it and skip to the next email? Some emails in my table have for example, so it seems this causes this error.


View 1 Replies

Security :: Customizing PasswordRecovery Templates?

May 3, 2010

I'm customizing the look and feel of the PasswordRecovery control. The problem is this. I've already set the "Search" button on my site as the default button. I've noticed that all the buttons used in customizing PasswordRecovery use "Button" as their IDs. So in my Page_Load() event, I tried this.Form.DefaultButton = pr1.FindControl("Button").UniqueID; where pr1 is the PasswordRecovery control. But I keep getting "Object reference not set to an instance of an object" error where I try to set Button as the default button.How do I make sure that the user can actually hit "Enter" to use PasswordRecovery as opposed to having to click the buttons?

View 4 Replies

Security :: PasswordRecovery Always Returns UserNameFailureText?

Jan 31, 2011

I've build a PasswordRecovery, but it always returns this error code. What is wrong?

The aspx code:


I don't use any code behind, maybe i sould do? but what, it should work without any coding? The txt file:

Bij deze ontvangt u uw nieuwe wachtwoord:<br><br>
Gebruikersnaam: <% UserName %><br>
Wachtwoord: <% Password %><br><br>
Met vriendelijke groeten

View 1 Replies

Security :: Nothing Happens When PasswordRecovery Submit Button Pressed?

Nov 20, 2010


how to make this work (I assume that no code behind is needed to make this work in its simplest form?).After user correctly answers the security question and presses submit, no email is sent. No message is displayed. Nothing. What is missing?

View 6 Replies

Security :: Change Display Of PasswordRecovery Control?

Aug 11, 2010

For reasons to long to go in to I have to change the behaviour/appearance of the Success page on our password recovery page.

We've been tasked with making the Success template identical to the UserName template i.e. with a label and text box for UserName and identical messages on both pages.

Basically our client wants no difference between successful password retireval and failure - the same message will display regardless e.g. "An email has been sent to <username> with your password."

Which reminds me - in the success/failure message they'd like the entered UserName to appear but I can only get it to appear if it's a valid username - if it's nonsense the UserName is blank.

View 2 Replies

Copyrights 2005-15, All rights reserved