PasswordRecovery Control - Control Random Password Characters

Discussion in 'ASP .Net' started by =?Utf-8?B?am1obWFpbmU=?=, Dec 31, 2006.

  1. I'm trying to create a process that allows me to limit the non-alphanumeric
    characters generated with the PasswordRecovery control. Specially I want to
    suppress some characters for security reasons. With textboxes I'm doing this
    with a RegularExpressionValidator control and have the following the
    following attribute setup:
    ValidationExpression="^[a-zA-Z0-9\.\-_@#$%^&+=]{6,100}"

    This limits the user input to alphanumeric characters as well of some
    selected characters. The problem is when I use the built-in PasswordRecovery
    control, I can't find a way to limit the random characters, some of which
    cause a validation error within the RegularExpressionValidator control. For
    example, the following was created by the PasswordRecovery control for a new
    password:
    UFa]d+T|!&D9eE

    Some of the characters violate my regular expression. So I tried two other
    approaches which also have failed. One was to simplify my regular expression
    to just check that a minimum and maximum number of characters were passed,
    such as:
    ValidationExpression="^[\w]{6,100}"

    So "UFa]d+T|!&D9eE" should pass this test, but unfortunately it doesn't
    because of the bracket ("]") confuses the regex processing.

    The other path I explored was creating my own Password Recovery user control
    and started coding with MembershipUser.ResetPassword and related functions.
    Unfortunately I couldn't find away to reset the user password without having
    the current password. Since I'm using the hash method to store the password,
    I can't obtain the password via code. Since the user forgot the password, I
    can't ask the user for it on the form. It seems like catch-22!

    My two questions:
    1. Using the PasswordRecovery Control, can I limit the characters that are
    randomly generated when the user control is created? Even just limiting to
    alphanumeric would be good.
    2. Creating my own control, how do I reset the password without knowing the
    original password, while using the hash method to store passwords?
    =?Utf-8?B?am1obWFpbmU=?=, Dec 31, 2006
    #1
    1. Advertising

  2. =?Utf-8?B?am1obWFpbmU=?=

    rodean

    Joined:
    Feb 15, 2008
    Messages:
    1
    Hi, did you solve this problem? I have similar.
    rodean, Feb 15, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ben
    Replies:
    3
    Views:
    322
  2. Homer
    Replies:
    2
    Views:
    386
    Homer
    Aug 8, 2007
  3. globalrev
    Replies:
    4
    Views:
    756
    Gabriel Genellina
    Apr 20, 2008
  4. Ghistos
    Replies:
    4
    Views:
    429
    JackPot
    Jul 29, 2008
  5. Jonathan Woodward

    PasswordRecovery Control, Limiting Random Password to Alphanumeric

    Jonathan Woodward, Apr 27, 2006, in forum: ASP .Net Web Controls
    Replies:
    0
    Views:
    193
    Jonathan Woodward
    Apr 27, 2006
Loading...

Share This Page