I have a custom Register form which includes a security question and answer - works fine.
However, I have the following reset password logic which only works if the requiresQuestionAndAnswer property is set to false in my Web.Config file. Can someone show me a recommended way to code the question and answer logic into my ResetPassword code-behind? Is another trip to the DB necessary here?
public void ResetPassword_OnClick(object sender, EventArgs args)
{
string newPassword;
u = Membership.GetUser(UsernameTextBox.Text, false);
newPassword = u.ResetPassword();
if (newPassword != null)
{
Msg.Text
= "Password reset. Your new password is: "
+ Server.HtmlEncode(newPassword);
}
else
{
Msg.Text
= "Password reset failed. Please re-enter your values.";
}
}
I found the answer here:
MembershipUser.PasswordQuestion Property
"If RequiresQuestionAndAnswer is true, then the password answer for a membership user must be supplied to the GetPassword and ResetPassword methods."