locked
Password Regular Expression RRS feed

  • Question

  • User1309403994 posted
    It appears that there's a password length/format requirement for the personal site registration page, but when I look at the CreateUserWizard properties, the PasswordRegularExpression is not set to anything specific.  Does anyone know how/where this default is set? 
    Tuesday, May 24, 2005 4:58 AM

All replies

  • User1793983471 posted

    By default, passwords must be "strong" which means:

    1. At least 8 characters
    2. At least one uppercase and one lowercase letter
    3. At least one non-alphabetic character

     

    Good luck!

    Tuesday, May 24, 2005 7:20 AM
  • User-778272151 posted

    put this under  <system.web>

    <membership defaultProvider="AspNetSqlProvider">
       <providers>
          <
    add name="AspNetSqlProvider
             
    type="System.Web.Security.SqlMembershipProvider"
             
    connectionStringName="LocalSqlServer" //name of the connection to the ASPNETDB database
             r
    equiresQuestionAndAnswer="false"
             
    requiresUniqueEmail="true"
             
    passwordFormat="Hashed"
             
    minRequiredNonalphanumericCharacters="0"
             
    minRequiredPasswordLength="3" />
       </
    providers>
    </
    membership>

    the settings is selfexplaning i think?

    Tuesday, May 24, 2005 8:08 AM
  • User975673017 posted

    Im added this to <system.web>
    After that random foto disapeared from very first page :((

    Friday, June 24, 2005 7:34 AM
  • User-554730672 posted

    Shouldn't that code go into the web.config file?

     

    Monday, June 27, 2005 2:38 PM
  • User-601135710 posted

    unfortunately this does not work for me

    when I put in a non alphabetic character I get an error message

    the password format is set to INT should it be

     

     

    Monday, September 26, 2005 9:57 AM
  • User2087284990 posted

    Accually that shows you how much an MVP knows:

    By default passwords must be "strong" which means:

    1.At least 7 characters
    2.At least one non-alphanumeric character

    If you use the createuserwizard this is what it uses. But Microsoft has designed it so we have to set up all this bull to create our own register user page instead of exposing us to to the SqlMembershipProvider's default regular expresion or better yet give us a function in the class that say checks they way users put in there passwords. I don't like using Microsofts prefabed crap becuase most of the time that's what it is. Microsoft forces us to use their junk by making it difficult to do it ourselves. I know nothing about regular expresions and plan on doing it the old fasion way by parsing though the strings.

    By the way on MSDN ^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,10}$ is what the MVP is talking about which is listed as a custom expresion.

    Go back to MVP School and get some learning done or join the rest of us and really learn something.

    Wednesday, May 31, 2006 4:08 PM
  • User-1392798824 posted

    Hi ersheido,

    You can do this by adding a PasswordRegularExpression attribute to the <asp:CreateUserWizard> element (in Source View): (Note: Please check the bold text.)

    <asp:CreateUserWizard ID="CreateUserWizard1" runat="server" PasswordHintText="Password must be at least 8 characters long, contain at least one one lower case letter, one upper case letter, one digit and one special character." PasswordRegularExpression = '^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=]).*$' PasswordRegularExpressionErrorMessage=
            "Error: Your password must be at least 8 characters long, contain at least one one lower case letter, one upper case letter, one digit and one special character, Valid special characters."
    BackColor="#F7F7DE" BorderColor="#CCCC99"
                BorderStyle="Solid" BorderWidth="1px" ContinueDestinationPageUrl="~/Default.aspx"
                DisplayCancelButton="True" DisplaySideBar="True" Font-Names="Verdana" Font-Size="10pt">
                <SideBarStyle BackColor="#7C6F57" BorderWidth="0px" Font-Size="0.9em" VerticalAlign="Top" />
                <SideBarButtonStyle BorderWidth="0px" Font-Names="Verdana" ForeColor="#FFFFFF" />
                <ContinueButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
                    BorderWidth="1px" Font-Names="Verdana" ForeColor="#284775" />
                <NavigationButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
                    BorderWidth="1px" Font-Names="Verdana" ForeColor="#284775" />
                <HeaderStyle BackColor="#6B696B" Font-Bold="True" ForeColor="#FFFFFF" HorizontalAlign="Center" />
                <CreateUserButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
                    BorderWidth="1px" Font-Names="Verdana" ForeColor="#284775" />
                <TitleTextStyle BackColor="#6B696B" Font-Bold="True" ForeColor="#FFFFFF" />
                <StepStyle BorderWidth="0px" />
                <WizardSteps>
                    <asp:CreateUserWizardStep runat="server">
                    </asp:CreateUserWizardStep>
                    <asp:CompleteWizardStep runat="server">
                    </asp:CompleteWizardStep>
                </WizardSteps>
            </asp:CreateUserWizard> 

        Please mark the most helpful reply/replies as "Answer".

        Good Luck & Best Wishes & Best Regards

        Furqan Ahmed

     

     

    Wednesday, March 25, 2009 8:45 AM
  • User1130775117 posted

    Working on the createuserwizard & found that these settings can be set from explorer.exe, manage computer dialog, services, iis, open the website, go to asp.net, edit configuration button, Authorization tab, Manage Providers button opens the dialog to change settings, add in a regex and so on.

    It inserts the code for you into web.config when you update the settings from default, which when I just did it only had a 3-character minimum (IIS7 vs2008) so this worthy of attention.

    Friday, December 18, 2009 8:08 PM