Do I need to make a Custom Membership Provider or is there another way?
I have a project using ASP.NET Forms Authentication and the Microsoft SQL Membership Provider. The website is DONE. I use this provider everywhere. (Register, Login, Forgot Password, etc...)
Until now, my website users have not needed complex passwords. The users' passwords were really just pins. The user could select anything for a password in the past. I had almost no restrictions for this website because none of the data is private or personal.
However I have received new requirements.
Here are the new password requirements:
I realize I am going to have to modify all of the following pages: Register, Login, Forgot Password, etc... fortunately I stopped using the default controls a long time ago.
I appreciate your thoughts.
My first thought was that I need to write a Custom Membership Provider.
I don't know how to make the standard provider to do most of this. I could write code to do.
Thanks.
You need to listen to the ValidatingPassword event.
See ASP.NET Membership ChangePassword control - Need to check for previous password for sample code of how to do this.