Reputation: 46651
ASP.NET Membership Password?
If I require a password to be between 7 and 16 characters and contain at least 1 numeric password and then send a temporary password that contains no numeric characters and % signs and the ^ sign, will the password fail?
Upvotes: 1
Views: 470
Answers (4)
Reputation: 5834
I suggest creating all temporary passwords to match the password complexity rules.
However the rules are only enforced when the password is changed, not when you log in.
The percent symbol shouldn't be used just in case it's misinterpreted as escaped hex.
Upvotes: 0
Reputation: 7983
IIRC, the temporary password will follow the rules that you have establish. I would use the MembershipUser method: ResetPassword, to create all temporary passwords for the users.
Upvotes: 0
Reputation: 12126
I do not believe so. The check for password complexity requirements should only occur when the password is created or changed.
Upvotes: 0
Related Questions
- How to manually change password in asp.net membership?
- Asp.net membership password format
- how to get the password of membership users in asp.net
- Membership ASP.NET GetPassword
- Asp.net Membership password
- asp.net membership password security
- membership change password
- ASP.NET Membership Provider password configuration
- ASP.net Membership control
- ASP.NET Membership validate password