Geek Answers Handbook

Change user password in ASP.NET forms authentication

I am C # code (ASP.NET) and I use forms authentication.
I would like to know which of the best ways to change a user password without using asp: ChangePassword.
I do not want to use the reset password method.
I just want to get the password that I have in my text box and replace it with the old password.
Please note that in my password that I use is the passwordFormat = "Hashed"
Some code snippets would be helpful.

Edit:

In my web.config, I set enablePasswordRetrieval = "false"
I used the following method

var myUser = Membership.GetUser(userID); bool isChangeSuccess = myUser.ChangePassword( myUser.GetPassword(), ActivateUserPasswordText.Text.Trim());

It gives me an error

This ISP has not been configured to support password searches.

What can be done to solve these problems? I would really like my PasswordFormat to be a hash.

Yours faithfully,
Naveen jose

+6
c # forms-authentication
source share
5 answers

He decided. Thanks to my fellow developer.

 var myUser = Membership.GetUser(userID); bool isChangeSuccess = myUser.ChangePassword( myUser.ResetPassword(), ActivateUserPasswordText.Text.Trim());

I canโ€™t say that I really liked it.
I thought ResetPassword () would return bool.

+18
source share

Assuming you are using ASP.NET security controls.

System.Web.Security.MembershipProvider.ChangePassword method

+3
source share

Only the hash value for passwords is usually stored by the asp.net membership provider, so it is not possible to restore the original password. This can be changed by configuration, but it is not recommended.
Just ask the user to enter the old password also when changing the password. You can use the old password entered by the user in the User.ChangePassword method, and it should work fine.

+2
source share

This membership provider is not configured to support password searches.

The above message is displayed because your password format will be solid and you will not be able to get the user password. If you want to do this, change the password format and try again.

+1
source share

In case of accident, someone uses ApplicationUser rather than membership - since I was because I did not want to set up a membership provider - you can change the password this way:

  Dim manager = New UserManager() Dim userChange As ApplicationUser = manager.FindById(IDUser) userChange.PasswordHash = manager.PasswordHasher.HashPassword(newPassword.Value) Dim val As Object = manager.Update(userChange)

Hope this helps someone

+1
source share

More articles:


All Articles