change password in MVC 4

asp.net-mvc authentication simplemembership
Bartosz picture Bartosz · Jan 10, 2013 · Viewed 15.5k times · Source

I am building ASP.NET MVC 4 application. I use Simple Membership provider to manage authentication and authorization within the system. What are the ways of changing the password in this approach. I found a ChangePassword method which takes three parameters, including original password, to operate.

Is there any other way to override/change the password for the user without actually knowing original password?

Answer

Cj S. picture Cj S. · Jan 10, 2013

ChangePassword is used when a user wants to change their password - and the current password is their evidence to allow this to happen (think Change Password Screen).

I think the most direct way to do this is to call WebSecurity.GeneratePasswordResetToken() and pass the result into WebSecurity.ResetPassword, along with the new password.

  var token = WebSecurity.GeneratePasswordResetToken("UserName");
  var result = WebSecurity.ResetPassword(token, "NewPassword");

Related questions

MVC 5 Access Claims Identity User Data

I am developing an MVC 5 web application using Entity Framework 5 Database First approach. I am using OWIN for the authentication of Users. Below shows my Login method within my Account Controller. public ActionResult Login(LoginViewModel model, string returnUrl) { if (ModelState.…

Read More
Adding ASP.NET MVC5 Identity Authentication to an existing project

I have seen lots of similar pages on the web, but most of them use a new project instead of an existing one, or don't have the necessary features. So, I have an existing MVC 5 project and want to integrate …

Read More
Why does AuthorizeAttribute redirect to the login page for authentication and authorization failures?

In ASP.NET MVC, you can mark up a controller method with AuthorizeAttribute, like this: [Authorize(Roles = "CanDeleteTags")] public void Delete(string tagName) { // ... } This means that, if the currently logged-in user is not in the "CanDeleteTags" role, the controller method …

Read More