ASP.NET ID Password Verification

Question

ASP.NET ID Password Verification

I use Identity in my MVC project, and all this is nice and nice. In addition, the new user registration form has some crazy password requirements

Passwords must have at least one character without a letter or number. Passwords must have at least one digit ('0' - '9'). Passwords must have at least one uppercase ("A" - "Z").

And here is the register model

public class RegisterViewModel { [Required] [StringLength(50, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 2)] [Display(Name = "First Name")] public string FirstName { get; set; } [Required] [StringLength(50, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 2)] [Display(Name = "Last Name")] public string LastName { get; set; } [Required] [EmailAddress] [Display(Name = "Email")] public string Email { get; set; } [Required] [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)] [DataType(DataType.Password)] [Display(Name = "Passord")] public string Password { get; set; } [DataType(DataType.Password)] [Display(Name = "Repeat Password")] [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")] public string ConfirmPassword { get; set; } }

Account controller

  // POST: /Account/Register [HttpPost] [AllowAnonymous] [ValidateAntiForgeryToken] public async Task<ActionResult> Register(RegisterViewModel model) { if (ModelState.IsValid) { var user = new ApplicationUser { UserName = model.Email, Email = model.Email }; var result = await UserManager.CreateAsync(user, model.Password); if (result.Succeeded) { await SignInManager.SignInAsync(user, isPersistent:false, rememberBrowser:false); return RedirectToAction("Index", "Home"); } AddErrors(result); } // If we got this far, something failed, redisplay form return View(model); }

I see a length requirement for a password, but I don’t understand how to change the password check, so I don’t need a character without a letter or number.

Thanks everyone, thanks, thanks.

Bonus: what do {0} and {2} mean? Thanks.

+5

asp.net-mvc asp.net-identity

Patrick fritch Mar 04 '15 at 16:15

source share

2 answers

Alkasai · Answer 1 · 2015-03-19T17:08:56+0000

In Startup.cs , where you add the identity service, you can add options to verify the password:

 services.AddIdentity<ApplicationUser, IdentityRole>(Configuration, options => options.Password = new PasswordOptions { RequireDigit = true, RequiredLength = 6, RequireLowercase = true, RequireUppercase = true, RequireNonLetterOrDigit = false }) [...];

Munes · Answer 2 · 2015-10-28T07:17:15+0000

If you use one of the applications in the ASP.NET template and choose Authentication as "Individual user accounts", you will find the password settings in the IdentityConfig.cs file in the App_Start folder in your application. Here you can change the password settings as follows to disable all requirements except the password length:

 manager.PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = false, RequireDigit = false, RequireLowercase = false, RequireUppercase = false, };

ASP.NET ID Password Verification

More articles: