Reputation: 12975
How do I define the password rules for the ASP.NET Membership Provider?
When using web forms authentication with the ASP.NET Membership provider, we are defaulted to some decently strict password rules. I think eight characters, including one non-alpha, are required.
I'm not looking to make them all willy-nill loose, but generally I do not use a non-alpha character in my own password, and feel like a hypocrite forcing my users to do so.
I've done some looking, but can't figure out where this rule is defined. I'm sure I'm just missing something simple - anyone know?
Upvotes: 3
Views: 11227
Answers (2)
Reputation: 2413
See this article. You can set the minRequiredNonAlphanumericCharacters setting.
Upvotes: 2
Reputation: 23339
You could use the passwordStrengthRegularExpression property of the configuration\system.web\membership\providers\add section of the web config.
I don't know if ASP.NET allows a user to create an account if the password doesn't complains the regular expression especified.
There is an example here.
Upvotes: 2
Related Questions
- Asp.net membership password format
- Password Policy in ASP.NET Profile (Membership)
- How to set password rules for ASP.NET identity?
- Asp.net Membership password
- asp.net membership password security
- asp.net membership additional password policy rules
- ASP.NET Membership Provider password configuration
- ASP.NET Membership PasswordLength and other properties
- ASP.NET Membership validate password
- ASP.NET Membership Password?