.Net Change Password control customisation - password validation

I am creating a change password page on a new site using the Change Password control from .Net
Site will be based on 3.5 Framework

so i have this basically:
<asp:ChangePassword ID="ChangePassword1" runat="server" MembershipProvider="AspNetSqlMembershipProvider"></asp:ChangePassword>

I would like to do the following server side:

I need to first check the username and based on the username apply only one of the following validation rules:
If User is Admin - Ensure Password is 11 characters long
If user is Normal Member - Ensure password is 10 characters long

For BOTH of these there are also extra validation rules:
- Must use at least 3 of the following characters (lowercase, uppercase, numerals, special symbols)

How i determine a user is Admin or Normal Member will depend on the username, logic yet to be finalised but for purpose of this excerise lets assume admins have "adm" infront of their username, normal members dont

Can anyone help me with how i would do the validation checking as detailed above?
I would prefer to use regular exp for the password validation to make the code easier to update later on.

I have never used this control before so unsure of what event to perform such validation on to ensure the password is not changed unless these rules are checked for.

Lots of points on offer for complete answer.
HRT_HSVAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

carlnorrbomCommented:
Hi,

Well. in order to set this up server side you could use a custom validator for the NewPassword textbox (if you convert the control to a template). See the snippet for some reference code. Be sure to add the custom validator to the same validation group as the others in the changepassword control or it won't fire. The changepassword control has a property called: NewPasswordRegularExpression which you can use to define the regex you need.

/Carl.
    Protected Sub CustomValidator1_ServerValidate(ByVal source As Object, ByVal args As System.Web.UI.WebControls.ServerValidateEventArgs)
        Dim strUserName As String = User.Identity.Name.ToString()
        If strUserName.Substring(0, 3) = "adm" Then 'user is admin
            If NewPassword.Text.Length < 11 Then 'invalid
                args.IsValid = False
            Else
                args.IsValid = True
            End If
        Else 'user is not admin
            If NewPassword.Text.Length < 10 Then 'invalid
                args.IsValid = False
            Else
                args.IsValid = True
            End If
        End If
    End Sub

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HRT_HSVAuthor Commented:
ok great thanks i will give this a try, do you know about the 2nd part of the question, the regex for this validation rule...

"Must use at least 3 of the following character combinations (lowercase, uppercase, numerals, special symbols) "
eg: at least 1 lower AND 1 upper AND  1 numeral .
keustermansCommented:
I think this regex will do it fo you:

For 10 character with at least one Upper Case, one Lower Case and One special char
^.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&]).*$

You can adjust the length minimum 11 chars by repalcing the 10 with an 11 and you can add more special chars to the list if you want to
HRT_HSVAuthor Commented:
thank you both for pointing me in the right direction much appreciated
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.