问题
Am using ASP.NET membership authentication in a small website and i just noticed some thing funny during testing. Am trying to enable user to change their login password any time they wish, i dragged a change password control to the form, i changed the password for my test account, but now all passwords are still working.
I can login with the old password as well as the new password with this particular test account. If i try with any other random characters as the new password, i cant successfully login (which OK). But if type the old password, am able to login, if i type the new password, am still able to login, am finding this very strange.
回答1:
Refresh your browser and/or clear your browsing history. I've had this problem before.
回答2:
I've also had this problem before (its because you are testing locally) even when you think you have cleaned browsing history, make sure you clean the cache and cookies, a few times, and then try it out. (I even open different browsers to check)
If this doesn't work (which it will) try debugging your code, or better yet grabbing the sql call using SQL profiler, which will show what you are passing, and you can try the query in your sql database and see if it returns anything.
Mostly its because you are probably testing locally tho
来源:https://stackoverflow.com/questions/3758462/old-password-still-working-after-password-change-in-asp-net-membership