How do I retreive Password, Secret Question and its answer from the Memberhisp API?

[Learner]

Hi there,
Our business doesn' t allow the anonymous users to create an account
on our website. Only web admin creates user account. So using
createuserWizard we are able to create users. But once we create the
user we need to be able to send his UserID , password and Secret
Question and also its answer to the user so that he can use this info
to change his/her password.

Could you please some one help me how do I get the UserID, Password,
Secret Question and its answer once we create the User?

Thanks,
-L

 

[Dominick Baier [DevelopMentor]]

You can handle the CreateUserWizard_UserCreated event to access the values
from the control.

 

[Learner]

Hello Dominick,
I am sorry if I didn't pose my question right in my previous posting.
Yes I am using the same thing but how do I get the user password?
here is how I am trying with

Dim clumsypwd As String =
Membership.GetUser(CreateUserWizard1.UserName).GetPassword.ToString

but it says MemberShip is not desigend to get the password!!!!

Am I missing some thing here?

As far as the remaining values

Dim UserName = Membership.GetUser(CreateUserWizard1.UserName).ToString
'ProviderUserKey.ToString
Dim SecretQuestionAnswer As String =
CreateUserWizard1.Answer
Dim SecretQuestion As String = CreateUserWizard1.Question
'Membership.GetUser(CreateUserWizard1.Question).ToString
Dim PassWord As String = CreateUserWizard1.Password
I am getting all of these values. But I am trying to retrevie the
confusing password that the system generates when we click on "Forgot
password link" on the login Control.

I also can get the uniqueidentifier UserID using the below line

UserID =
Membership.GetUser(CreateUserWizard1.UserName).ProviderUserKey.ToString

but not sure why I can't get the password in the similar way.

Thanks in advance,
Thanks

 

[Dominick Baier [DevelopMentor]]

why don't you read the password directly from the password textbox of the
create user wizard control?

 

[Dominick Baier [DevelopMentor]]

ah i see - you want a randomly generated passwort - right?

you could manually call Membership.GeneratePassword and set the password
for that user.

 

[Learner]

Dominick,

This works fine Dim UserID as string =
Membership.GetUser(CreateUserWizard1.UserName).ProviderUserKey.ToString


but I don't know why this

Dim clumsypwd As String =
Membership.GetUser(CreateUserWizard1.UserName).GetPassword.ToString
doesn't work?


I am writing all this code under CreateUserWizard_UserCreated i.e
after user has been created. If this isn't possible I am wondering how
the "Forgot Password?" link on the LoginControl generates the password
for the user so that he can change it to a meaningful password?

For now I got it working like this

Dim PassWord As String = CreateUserWizard1.Password
Dim clumsypwd As String = Membership.GeneratePassword(8, 8)


Membership.GetUser(CreateUserWizard1.UserName).ChangePassword(PassWord,
clumsypwd)

and this kind of solves what I am looking for. Could you help me how do
I lock the user after certain login trails?

Thanks
-L

 

[Dominick Baier [DevelopMentor]]

the login control does that automatically - there is no LockUser method or
similar - if you want to do that you have to manunally set the flag in the
db.

 

[Learner]

Dominick,
Here is what I am trying to do. The below portion is the membership
configuration setup in web.config file in my application.
the value maxInvalidPasswordAttempts="2" works good. I mean it doesn't
allow the users though they have entered correct password the third
time as we have provided its value 2.

But I am just wondering is there a way that said "User has been locked
out Please contact Adin @ 222-222-2222. Sorry for the incovenince"
kind of message?
Thanks
-L

<!--<system.web>
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider"/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, ..."
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="2"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>
</system.web>-->

 

[Dominick Baier [DevelopMentor]]

you can do that manually by checking the IsLockedOut property - nothing built
in AFAIK

 

[Learner]

Dominick,
Thanks I will try that out then.
-L

 

[Roberto Kohler]

We have a similar problem.

We are thinking of sending the user the UserID, Secret Question and Answer
(not the password) and having the user request a new password (using
password recovery) the first time he/she logs on.

This is not a good solution because it will require a 4 step process:
1) Send an email to the user with his/her UserID, Secret Question and Answer
2) User requests a new password (using password recovery)
3) Have the password recovery process send the user an email with the new
password
4) User logs in and changes the preassigned password

 

[Learner]

Hello Robertto,
Thanks for the reply but I am sorry I couldn't get back on this
becuase I was only the guy working on different stuff so kind occupied.
yeah this a sort of long process... running shor of ideas here. My
idea is to send User ID, Password, Secret Question and Answer ( Secret
question and Answer are for future use) and find a way to force the
user to change his/her password after first log in. I haven't thought
of how I could implement this but it just popped up in my mind. Please
let me know how do I force the user to go to the change password screen
after his first log in. I am not sure if there is a way to find out
using Membership API.

Thanks
-L

 

[Ron]

Hi Learner.

In the Login.aspx page of the site.

This in the login LoggedIn Event

protected void SiteLogin_LoggedIn(object sender, EventArgs e)
{
// Check and see if this is the first the user
// has logged into the system if true then force
// the user to change there password.
if (this.IsFirstLogin())
{
this.Response.Redirect("ChangePassword.aspx");
return;
}

}

private bool IsFirstLogin()
{
return
_loginUser.CreationDate.Equals(_loginUser.LastPasswordChangedDate);
}

Hope this helps.

 

[darrell heggaton]

hi i lost my password so i reset it and since doing so i have not been
able to get to my secret question to retreive my new password