A
AAaron123
I've been trying to create the capability of changing a users password
without knowing the old password nor the answer to the password question.
Without success!
I googled a few times, also without success.
I think I need a custom provider since the default one I use to create a
user account is:
<membership>
<providers>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="true"
applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
Based on the note below I wonder if I could change the password if I knew
how to make a second AspNetSqlMembershipProvider in my solution and somehow
get ResetPassword to use it. Is something like that possible?
Maybe I need a folder with its own web.config file or a completly separate
application?
Can anyone give me a little direction or code ?
Thanks in advance for any help at all
In some organizations, a Customer Service department may wish to change a
user's password to a new known value, perhaps in response to a customer
request. The ChangePassword method, which appears to handle this need,
unfortunately requires the original user password which is usually
unavailable to the site administrator. By setting
"requiresQuestionAndAnswer" to false, "enablePasswordRetrieval" to true and
"enablePasswordReset" to true in web.config, the ResetPassword and
ChangePassword methods can be used to change a user's password to a known
value, regardless of the password format:
without knowing the old password nor the answer to the password question.
Without success!
I googled a few times, also without success.
I think I need a custom provider since the default one I use to create a
user account is:
<membership>
<providers>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="true"
applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
Based on the note below I wonder if I could change the password if I knew
how to make a second AspNetSqlMembershipProvider in my solution and somehow
get ResetPassword to use it. Is something like that possible?
Maybe I need a folder with its own web.config file or a completly separate
application?
Can anyone give me a little direction or code ?
Thanks in advance for any help at all
In some organizations, a Customer Service department may wish to change a
user's password to a new known value, perhaps in response to a customer
request. The ChangePassword method, which appears to handle this need,
unfortunately requires the original user password which is usually
unavailable to the site administrator. By setting
"requiresQuestionAndAnswer" to false, "enablePasswordRetrieval" to true and
"enablePasswordReset" to true in web.config, the ResetPassword and
ChangePassword methods can be used to change a user's password to a known
value, regardless of the password format: