locked
Change Password RRS feed

  • Question

  • User895691971 posted

    Hi,

    I found a msdn post for password change. That goes something like: 

    public static bool ChangePassword(
    	string userName,
    	string currentPassword,
    	string newPassword
    )

    Whose, Razor syntax might be

    WebSecurity.ChangePassword(email, currentpass, newpass);

    But then I saw the page in the startSite Account folder. There was a new syntax for it. 

    WebSecurity.ResetPassword(passwordResetToken, newPassword);

    Here the email is not provided. The email will be there in the resetToken somewhere in the webpage_Membership database table!

    Any help about this? Whats better? Suppose I want to let the users update their passwords, then I might not be using a resetToken! I will provide just two inputs with password, confirm password and another input for current pass. 

    So will I use that one? The code posted above(Razor code)

    Friday, July 26, 2013 5:56 AM

Answers

  • User-306750178 posted

    Hi Afzaal,

    ChangePassword() method is to change the password by giving old and new passwords where ResetPAssword() method will create a new password by giving username.

    ChangePassword() --- User can change the password

    ResetPAssword() --- Uses when user forgot his password. Sends a mail to the user email with reset password.

    Refer these links below

    http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.changepassword.aspx
    http://msdn.microsoft.com/en-us/library/d94bdzz2.aspx

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, July 26, 2013 6:16 AM
  • User38443587 posted

    Hello, from your description, I see that you want to know why Can the “ChangePassword” work with no username or email of the account.

    Before you call function “ChangePassword” the object should be put the user info, sample code: MembershipUser u = Membership.GetUser(User.Identity.Name);

    u.ChangePassword(OldPassword, Password);

    the email info depends on user info.

     

    As ramu.net told  that you can find the sample code  refer those link.

    changepassword:http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.changepassword.aspx   ;

    resetpassword:http://msdn.microsoft.com/en-us/library/d94bdzz2.aspx .

     

    thank you.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, July 29, 2013 6:01 AM
  • User-1496281956 posted

    Afzaal.Ahmad.Zeeshan

    The first link that you provided, I read! But there is a confusion. There is only oldpass and newpass param. What if there is a same password for some id? I mean there is no username or email of the account. How to handle that? Can the ChangePassword accept the email? 

    And I now understand the difference. The ResetPassword will accept the resetToken and the newPassword! While the changePassword will let the user to change the password any time. 

    But please help me for that!

    I don't understand what you are saying, the change password method takes three arugments (username, currentpassword, changepassword). It's obvious you can only change the password for the logged in user. So it's something like this:

    WebSecurity.ChangePassword (string username (WebSecurity.CurrentUserName), string currentpw, string newpw)

    As for the reset password, the identity of the user is taken from their token they pass. 

    See this reference. http://www.thecodingguys.net/reference/asp/websecurity-class

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, July 29, 2013 8:00 AM

All replies

  • User-306750178 posted

    Hi Afzaal,

    ChangePassword() method is to change the password by giving old and new passwords where ResetPAssword() method will create a new password by giving username.

    ChangePassword() --- User can change the password

    ResetPAssword() --- Uses when user forgot his password. Sends a mail to the user email with reset password.

    Refer these links below

    http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.changepassword.aspx
    http://msdn.microsoft.com/en-us/library/d94bdzz2.aspx

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, July 26, 2013 6:16 AM
  • User895691971 posted

    The first link that you provided, I read! But there is a confusion. There is only oldpass and newpass param. What if there is a same password for some id? I mean there is no username or email of the account. How to handle that? Can the ChangePassword accept the email? 

    And I now understand the difference. The ResetPassword will accept the resetToken and the newPassword! While the changePassword will let the user to change the password any time. 

    But please help me for that!

    Friday, July 26, 2013 7:25 AM
  • User38443587 posted

    Hello, from your description, I see that you want to know why Can the “ChangePassword” work with no username or email of the account.

    Before you call function “ChangePassword” the object should be put the user info, sample code: MembershipUser u = Membership.GetUser(User.Identity.Name);

    u.ChangePassword(OldPassword, Password);

    the email info depends on user info.

     

    As ramu.net told  that you can find the sample code  refer those link.

    changepassword:http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.changepassword.aspx   ;

    resetpassword:http://msdn.microsoft.com/en-us/library/d94bdzz2.aspx .

     

    thank you.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, July 29, 2013 6:01 AM
  • User-1496281956 posted

    Afzaal.Ahmad.Zeeshan

    The first link that you provided, I read! But there is a confusion. There is only oldpass and newpass param. What if there is a same password for some id? I mean there is no username or email of the account. How to handle that? Can the ChangePassword accept the email? 

    And I now understand the difference. The ResetPassword will accept the resetToken and the newPassword! While the changePassword will let the user to change the password any time. 

    But please help me for that!

    I don't understand what you are saying, the change password method takes three arugments (username, currentpassword, changepassword). It's obvious you can only change the password for the logged in user. So it's something like this:

    WebSecurity.ChangePassword (string username (WebSecurity.CurrentUserName), string currentpw, string newpw)

    As for the reset password, the identity of the user is taken from their token they pass. 

    See this reference. http://www.thecodingguys.net/reference/asp/websecurity-class

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, July 29, 2013 8:00 AM
  • User895691971 posted

    True @CriticalError

    I got that working!

    Monday, July 29, 2013 10:31 AM