How to change strong password policy in ASP.NET

jake · Mar 9, 2006

Hi.
I am building web apps in visual web developer 2005 express and SQL
2005 express. Users have complained about the strong password policy,
so I would like to change it to somthing like at least 5 letters and 1
number. Thanks for the help in advance.
-Jake

Juan T. Llibre · Mar 10, 2006

By default, the ASP.NET membership providers enforce strong passwords.

For example, the SqlMembershipProvider ensures that passwords are at
least seven characters in length with at least one non-alphanumeric character.

You should ensure that your membership provider configuration
enforces passwords of at least this strength, for maximum security.

If you want to lessen the password complexity rules enforced by your provider,
you can set the following additional attributes in the providers section of your
<membership defaultProvider...> element of web.config :

minRequiredPasswordLength
The default is 7.

minRequiredNonalphanumericCharacters
The default is 1.

See :
http://msdn2.microsoft.com/en-us/li...ity.membership.minrequiredpasswordlength.aspx

Why you would do that is beyond me, though.
I would *never* lessen the security of my ASP.NET apps.

How to cancel strong password limitation in ASP 2.0	1	Mar 6, 2006
Strong Password encryption program?	2	Apr 21, 2006
How to change default sql server?	4	Nov 21, 2009
Change a users password without knowing the old password nor the answer to the password question	1	Jan 15, 2009
RegularExpression Validation for password in ASP.NET	5	Apr 10, 2008
how to change password restriction in CreateUserWizard?	3	Feb 9, 2007
Login Controls - Force user to change password at next login	2	Oct 30, 2006
Changing a users password without knowing the old password nor the answer to the password question	2	Jan 15, 2009

How to change strong password policy in ASP.NET

jake

Juan T. Llibre

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads