Change User Password in ASP.NET Forms Authentication

Question

I code in C# (ASP.NET) and am using Forms authentication.
I would like to know which is the best method to change a user password without using the asp:ChangePassword c

Answer 1

This Membership Provider has not been configured to support password retrieval.

The above message is displayed because of your password format will be salt and so that you can't get the password of the user. If you want to do this change the password format and try again.

Answer 2

Got it solved. Thanks to my fellow developer.

var myUser = Membership.GetUser(userID);
bool isChangeSuccess = myUser.ChangePassword(
    myUser.ResetPassword(),
    ActivateUserPasswordText.Text.Trim());

Cant say I liked it much though.
I thought ResetPassword() would be returning a bool.

Answer 3

On the off chance someone is using the ApplicationUser and not the Membership - as I was because I did not want to set a Membership Provider - you can change the password this way:

            Dim manager = New UserManager()
            Dim userChange As ApplicationUser = manager.FindById(IDUser)

            userChange.PasswordHash = manager.PasswordHasher.HashPassword(newPassword.Value)
            Dim val As Object = manager.Update(userChange)

Hope this helps someone

Answer 4

Assuming you are using the ASP.NET security thingies.

System.Web.Security.MembershipProvider.ChangePassword method

Answer 5

Only the Hash value for the passwords are usually stored by the asp.net membership provider, so it is not possible to retrieve the original password. It is possible to change this behavior by configuration, but it is not recommended.
Simply ask the user to enter the old password also while changing the password. You can use the old password entered by the user in the User.ChangePassword method and it should work fine.