Membership User Reset Password

Posted on 2009-02-09
Last Modified: 2012-05-06
I'm trying to provide the users and Admin users the ability to reset their password and then change it on the next login.  The reset password works and the users can login but if they try to chagne their password to something more readable I get the follow error.

"The password supplied is invalid.  Passwords must conform to the password strength requirements configured for the default provider"

I'm trying to Reset and then changing the password using the code below.  I still get the same error.  











Method to reset and change password:

  MembershipUser user = Membership.GetUser(uid);

                string newpwd = "newPassword!";

                string resetpwd = user.ResetPassword("QuestionAnswser");


                user.ChangePassword(resetpwd, newpwd);

Open in new window

Question by:zekuser
    LVL 7

    Expert Comment

    You need to do it on the .config file!  Here is the forum for your answer!

    LVL 6

    Expert Comment

    I'm not sure why your code is failing, but it may help to skip the ResetPassword / UpdateUser step. Try this:

    user.ChangePassword(user.GetPassword("QuestionAnswser"), newPassword);

    This won't work if you are using hashed passwords but it should work for encrypted and clear.

    Author Comment

    I know you have to do it in the config File!! that is why i posted the web config section first.  The only piece I didn't paste in was passwordStrengthRegularExpression="".  

    I'll try the cuser.ChangePassword(user.GetPassword("QuestionAnswser"), newPassword); to see if it works.

    Author Comment

    I'm getting Attribute not recognized enablePasswordRetrieval.  I researched a little more and I found this on MSDN.

    The ActiveDirectoryMembershipProvider class does not support this method. "  
    LVL 6

    Expert Comment

    Yes, you are correct about the AD provider. I went through this last year. In the end I found that while I could change my own password using the ChangePassword control, I couldn't change anyone else's.


    Author Comment

    I have an admin account that I supply to the Provider in the web.config file and I can change a users password.  The problem is that I need to know what the users password was .  I can reset the users password (without knowing their password) but this password is generated by the provider.  The password has to exist for a minimum of 24 hours becuas that is the minimum in the policy.  My options as I see them are to either set the min password age = 0 in the policy or force users to wait 24 hours to change their password.

    LVL 6

    Accepted Solution

    I don't think you'll ever get AD to provide you with the user's password so that you can call user.ChangePassword. Isn't an AD password stored using a 1-way hash? If it is, no one - not even Windows - can turn that back into clear text for you to pass around as a parameter.

    Featured Post

    Training Course: Java/J2EE and SOA

    This course will cover both core and advanced Java concepts like Database connectivity, Threads, Exception Handling, Collections, JSP, Servlets, XMLHandling, and more. You'll also learn various Java frameworks like Hibernate and Spring.

    Join & Write a Comment

    Welcome my friends to the second instalment and follow-up to our Minify and Concatenate Your Scripts and Stylesheets (…
    In my previous two articles we discussed Binary Serialization ( and XML Serialization ( In this article we will try to know more about SOAP (Simple Object Acces…
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now