Change User Password in ASP.NET Forms Authentication

Got it solved. Thanks to my fellow developer.

var myUser = Membership.GetUser(userID);
bool isChangeSuccess = myUser.ChangePassword(
    myUser.ResetPassword(),
    ActivateUserPasswordText.Text.Trim());

Cant say I liked it much though. I thought ResetPassword() would be returning a bool.


Assuming you are using the ASP.NET security thingies.

System.Web.Security.MembershipProvider.ChangePassword method


Only the Hash value for the passwords are usually stored by the asp.net membership provider, so it is not possible to retrieve the original password. It is possible to change this behavior by configuration, but it is not recommended. Simply ask the user to enter the old password also while changing the password. You can use the old password entered by the user in the User.ChangePassword method and it should work fine.


This Membership Provider has not been configured to support password retrieval.

The above message is displayed because of your password format will be salt and so that you can't get the password of the user. If you want to do this change the password format and try again.


On the off chance someone is using the ApplicationUser and not the Membership - as I was because I did not want to set a Membership Provider - you can change the password this way:

            Dim manager = New UserManager()
            Dim userChange As ApplicationUser = manager.FindById(IDUser)

            userChange.PasswordHash = manager.PasswordHasher.HashPassword(newPassword.Value)
            Dim val As Object = manager.Update(userChange)

Hope this helps someone


Comments

  1. Cason

    • 2016/5/31

    Change the available password in db with new password and send the new password to user. Request the user to change the password once the log in.

  2. Josue

    • 2021/4/15

    On the off chance someone is using the ApplicationUser and not the Membership - as I was because I did not want to set a Membership Provider - you can change the password this way: Dim manager = New UserManager() Dim userChange As ApplicationUser = manager.FindById(IDUser) userChange.PasswordHash = manager.PasswordHasher.HashPassword(newPassword.Value) Dim val As Object = manager.Update(userChange)

  3. Baker

    • 2018/2/9

    I'm currently trying to work out if I need to code up a page to do a reset of users passwords. Can I use the ASP.Net configuration page?

  4. Ibrahim

    • 2017/11/19

    cmd = new SqlCommand( "Select pwd from users where uname=@userName", conn ); cmd.Parameters.Add( "@userName", SqlDbType.VarChar, 25 ); cmd.Parameters["@userName"].Value = userName; // Execute command and fetch pwd field into lookupPassword string.

  5. Ryan

    • 2019/7/31

    Here we added two web form login.aspx and welcome.aspx. Step 4: Now we set web.config file to implement the authentication of web 

  6. Carlos

    • 2020/11/17

    Selecting the Reset button will confirm the password has been reset. Create an ASP.NET web app. Start by installing and running Visual Studio 2017. Create a new ASP.NET Web project and select the MVC template. Web Forms also support ASP.NET Identity, so you could follow similar steps in a web forms app.

  7. Erick

    • 2019/1/25

    Set the Authentication mode as Forms in the web.config file; We need to use FormsAuthentication.SetAuthCookie for login; Again we need to 

  8. Beau

    • 2015/10/9

    public GenratePwd () {. //Pankaj is the password for the admin that is encrypted by HasPasswordForStoringInConfigFile method. string ns = FormsAuthentication.HashPasswordForStoringInConfigFile ("Pankaj", "SHA1"); //Password is encrypted in a text file P.txt. StreamWriter s = File.CreateText ("C:\\Pankaj\\P.txt");

  9. Ronald

    • 2021/1/30

    As per your code sample of Simple User Login Form example in ASP.Net. I have developed a user Login page and set default password 1234 for 

  10. Wells

    • 2020/8/17

    Press Ctrl + F5 to build and run the web application. Enter a new user name and password and then select Register. Note. ASP.NET Identity has support for validation and in this sample you can verify the default behavior on User and Password validators that come from the Identity Core package.

  11. Amato

    • 2020/2/25

    In the web.config file, set the authentication mode to Forms. [Users]( [Id] [int] IDENTITY(1,1) NOT NULL, [Username] [nvarchar](50) NULL 

  12. Frederick

    • 2021/5/31

    protected void LoginClick_Click(object sender, EventArgs e) { string username = TextBoxUserName.Text; string password = TextBoxPassword.Text; //read UserName from database and you could using the username to get its hashed password and salt. var db = new TestEntities(); usercredential record = db.usercredentials.Where(x => string.Compare(x.UserName, username, true) == 0).FirstOrDefault(); if (record == default(usercredential)) { throw new ApplicationException("invalid user name and password

  13. Ace

    • 2021/5/4

    You are required to create a default login page using ASP.NET's login control and save that page. The default settings for Forms Authentication are 

  14. Brown

    • 2016/10/23

    private async Task AddCountryClaim() { var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync(); var user = authState.User; var identityUser = await MyUserManager.FindByNameAsync(user.Identity.Name); if (!user.HasClaim(c => c.Type == ClaimTypes.Country)) { // stores the claim in the cookie ClaimsIdentity id = new ClaimsIdentity(); id.AddClaim(new Claim(ClaimTypes.Country, "Canada")); user.AddIdentity(id); // save the claim in the database await MyUserManager

Comments are closed.

Recent Posts