• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 391
  • Last Modified:

Manual Reset Users Password

I currently have a site where I administer users and their account.  On my Admin dashboard I want to be able to reset their user's password to whatever I type without knowing the users current password.  Below is my coding, I want to either be able to get the user's current password and then change it to whatever I enter in the tb_PWOverride textbox or if that isn't possible I want to reset their password, and get the hashed password and change it to whatever I type in the tb_PWOverride textbox.

the textbox's tb_SecQuest, and tb_SecAns are text boxs I am using to update the security question and answer.  That part of the procedure is at least working right now.

        protected void btn_profile_Update_Click(object sender, EventArgs args)
        {
            try
            {

                MembershipUser u = Membership.GetUser(ddl_AllUsers.SelectedValue);
                //string tempPswd = u.ResetPassword(); ------I would use this line only if I reset
                string oldPswd = u.GetPassword();
                u.ChangePassword(oldPswd, tb_PWOverride.Text);
                Boolean result = u.ChangePasswordQuestionAndAnswer(tb_PWOverride.Text, tb_SecQuest.Text, tb_SecAns.Text);

                if (result)
                    Msg.Text = "Password Question and Answer has been updated.";
                else
                    Msg.Text = "Password Question and Answer was not updated.";
            }
            catch (Exception )
            {
                Msg.Text = "Change Failed. Please re-enter your values and try again.";
            }
        }

    }
}

Open in new window

0
Shade22
Asked:
Shade22
  • 2
1 Solution
 
Carl TawnSystems and Integration DeveloperCommented:
If you call ResetPassword() on the User object it should generate a new password and return it to you. You can then feed that into the ChangePassword() method to change it.
0
 
Shade22Author Commented:
Sorry, I forgot to close this since I found my own solution.  The main issue was changing the user's password, secret question, and answer in one procedure.  With the need of current password to change the secret question and answer and the need of current password to reset or change the current password I had to use 2 providers.  Provider#1 is set to requiresQuestionAndAnswer="true" and provider#2 is set to requiresQuestionAndAnswer="false". I use provider#2 to reset the password, and then provider#1 to change the secret question and answer.

        protected void btn_profile_Update_Click(object sender, EventArgs args)
        {
            try
            {

                MembershipUser u = Membership.GetUser(ddl_AllUsers.SelectedValue);
                MembershipUser mu = Membership.Providers["Provider#2"].GetUser(ddl_AllUsers.SelectedValue, true);
                string tempPswd = mu.ResetPassword();
                u.ChangePassword(tempPswd, tb_PWOverride.Text);
                Boolean result = u.ChangePasswordQuestionAndAnswer(tb_PWOverride.Text, tb_SecQuest.Text, tb_SecAns.Text);

                if (result)
                    Msg.Text = "Password Quesiton and Answer has been updated.";
                else
                    Msg.Text = "Password Question and Answer was not updated.";
            }
            catch (Exception )
            {
                Msg.Text = "Change Failed. Please re-enter your values and try again.";
            }
        }

Open in new window

0
 
Shade22Author Commented:
It works.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now