Password Policy in ASP.NET Profile (Membership)

Ali Sarshogh picture Ali Sarshogh · Oct 13, 2013 · Viewed 10.8k times · Source

In change password page, we have this code, So if we want to change Password Policy into "StrongPolicy", have we a way or is it by default?

Also can we change it to weak policy ?

I read MSDN but couldn't find it.

Membership mu ; 
mu=Membership.GetUser(txtUserName.Text); 

mu.UnlockUser();
var newPass= mu.ResetPassword();
mu.ChangePassword(newPass,TxtPassword.Text);

Answer

Jay picture Jay · Jul 10, 2014

If you are using MVC 5 (possibly MVC4, havent checked).

Theres a nice easy way of changing this without changing the config. In your solution explorer, go to

'App_Start' > IdentityConfig

Here you will see a passwordvalidator, changing these settings will allow you to alter the complexity of passwords required for your site:

manager.PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = true, RequireDigit = true, RequireLowercase = true, RequireUppercase = true, };