Solved

Manual Reset Users Password

Posted on 2013-11-19
3
376 Views
Last Modified: 2013-11-25
I currently have a site where I administer users and their account.  On my Admin dashboard I want to be able to reset their user's password to whatever I type without knowing the users current password.  Below is my coding, I want to either be able to get the user's current password and then change it to whatever I enter in the tb_PWOverride textbox or if that isn't possible I want to reset their password, and get the hashed password and change it to whatever I type in the tb_PWOverride textbox.

the textbox's tb_SecQuest, and tb_SecAns are text boxs I am using to update the security question and answer.  That part of the procedure is at least working right now.

        protected void btn_profile_Update_Click(object sender, EventArgs args)
        {
            try
            {

                MembershipUser u = Membership.GetUser(ddl_AllUsers.SelectedValue);
                //string tempPswd = u.ResetPassword(); ------I would use this line only if I reset
                string oldPswd = u.GetPassword();
                u.ChangePassword(oldPswd, tb_PWOverride.Text);
                Boolean result = u.ChangePasswordQuestionAndAnswer(tb_PWOverride.Text, tb_SecQuest.Text, tb_SecAns.Text);

                if (result)
                    Msg.Text = "Password Question and Answer has been updated.";
                else
                    Msg.Text = "Password Question and Answer was not updated.";
            }
            catch (Exception )
            {
                Msg.Text = "Change Failed. Please re-enter your values and try again.";
            }
        }

    }
}

Open in new window

0
Comment
Question by:Shade22
  • 2
3 Comments
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 39660365
If you call ResetPassword() on the User object it should generate a new password and return it to you. You can then feed that into the ChangePassword() method to change it.
0
 

Accepted Solution

by:
Shade22 earned 0 total points
ID: 39662283
Sorry, I forgot to close this since I found my own solution.  The main issue was changing the user's password, secret question, and answer in one procedure.  With the need of current password to change the secret question and answer and the need of current password to reset or change the current password I had to use 2 providers.  Provider#1 is set to requiresQuestionAndAnswer="true" and provider#2 is set to requiresQuestionAndAnswer="false". I use provider#2 to reset the password, and then provider#1 to change the secret question and answer.

        protected void btn_profile_Update_Click(object sender, EventArgs args)
        {
            try
            {

                MembershipUser u = Membership.GetUser(ddl_AllUsers.SelectedValue);
                MembershipUser mu = Membership.Providers["Provider#2"].GetUser(ddl_AllUsers.SelectedValue, true);
                string tempPswd = mu.ResetPassword();
                u.ChangePassword(tempPswd, tb_PWOverride.Text);
                Boolean result = u.ChangePasswordQuestionAndAnswer(tb_PWOverride.Text, tb_SecQuest.Text, tb_SecAns.Text);

                if (result)
                    Msg.Text = "Password Quesiton and Answer has been updated.";
                else
                    Msg.Text = "Password Question and Answer was not updated.";
            }
            catch (Exception )
            {
                Msg.Text = "Change Failed. Please re-enter your values and try again.";
            }
        }

Open in new window

0
 

Author Closing Comment

by:Shade22
ID: 39674047
It works.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question