ResetPassword Requiring passwordAnswer

I have a site that is using membership as provided with ASP.NET. I have a
page to reset the password, that is only available to the site administrator.
I have RequireQuestionandAnswer set to false.

web.config entries







enablePasswordRetrieval="false" enablePasswordReset="true"
requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
maxInvalidPasswordAttempts="5" passwordFormat="Hashed" applicationName="/"
name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>



VB Code
labelReset.Text = "Password for " & ddUsers.Text & vbCrLf & "has been
changed to " & User.ResetPassword()

Whenever I run the site, and try to reset a password, I get an error that
the passwordAnswer can't be null. How do I fix this?

RE: ResetPassword Requiring passwordAnswer

Hi vpeppers,

Regarding on the your description, you found that the "ResetPassword"
(without RequireQuestionAndAnswer) not work as expected in your ASP.NET
application, correct?

I've performed a quick test via a simple ASP.NET application that use SQL
membership provider. When you set "requiresQuestionAndAnswer" to "false",
you should be able to call "ResetPassword" without giving the answer(of the
secure question). I think the problem should be caused by something else.

In the configuration section you provided, you use the following schema to
register your customized provider:

===========


enablePasswordRetrieval="false" enablePasswordReset="true"
requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
maxInvalidPasswordAttempts="5" passwordFormat="Hashed" applicationName="/"
name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>


==========

However, I found that you haven't specify the "defaultProvider" as below.
This is required if you want the ASP.NET membership to use your new
custoimzed provider, otherwise, the runtime may still use the default
provider(set in the machine.config level):



you can even first clear all the old providers. e.g.

=============



type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MYASPDBConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression="" />


=================

Above is my test membership configure section which works as expected. You
can also try it to see whether it works.

Hope this helps you.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/de fault.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx .
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------
>From: =?Utf-8?B?VmVybm9uIFBlcHBlcnM=?=
>Subject: ResetPassword Requiring passwordAnswer
>Date: Mon, 31 Mar 2008 19:23:02 -0700

>
>I have a site that is using membership as provided with ASP.NET. I have a
>page to reset the password, that is only available to the site
administrator.
> I have RequireQuestionandAnswer set to false.
>
>web.config entries
>
>
>
>
>
>
>
> >enablePasswordRetrieval="false" enablePasswordReset="true"
>requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
>maxInvalidPasswordAttempts="5" passwordFormat="Hashed" applicationName="/"
>name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>
>
>
>
>VB Code
>labelReset.Text = "Password for " & ddUsers.Text & vbCrLf & "has been
>changed to " & User.ResetPassword()
>
>Whenever I run the site, and try to reset a password, I get an error that
>the passwordAnswer can't be null. How do I fix this?
>
>

RE: ResetPassword Requiring passwordAnswer

That fixed it. Thanks ever so much.

"Steven Cheng [MSFT]" wrote:

> Hi vpeppers,
>
> Regarding on the your description, you found that the "ResetPassword"
> (without RequireQuestionAndAnswer) not work as expected in your ASP.NET
> application, correct?
>
> I've performed a quick test via a simple ASP.NET application that use SQL
> membership provider. When you set "requiresQuestionAndAnswer" to "false",
> you should be able to call "ResetPassword" without giving the answer(of the
> secure question). I think the problem should be caused by something else.
>
> In the configuration section you provided, you use the following schema to
> register your customized provider:
>
> ===========
>
>
> > enablePasswordRetrieval="false" enablePasswordReset="true"
> requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
> maxInvalidPasswordAttempts="5" passwordFormat="Hashed" applicationName="/"
> name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>
>
>
> ==========
>
> However, I found that you haven't specify the "defaultProvider" as below.
> This is required if you want the ASP.NET membership to use your new
> custoimzed provider, otherwise, the runtime may still use the default
> provider(set in the machine.config level):
>
>
>
> you can even first clear all the old providers. e.g.
>
> =============
>
>
>
> > type="System.Web.Security.SqlMembershipProvider, System.Web,
> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> connectionStringName="MYASPDBConnectionString"
> enablePasswordRetrieval="false"
> enablePasswordReset="true"
> requiresQuestionAndAnswer="false"
> applicationName="/"
> requiresUniqueEmail="false"
> passwordFormat="Hashed"
> maxInvalidPasswordAttempts="5"
> minRequiredPasswordLength="7"
> minRequiredNonalphanumericCharacters="1"
> passwordAttemptWindow="10"
> passwordStrengthRegularExpression="" />
>
>
> =================
>
> Above is my test membership configure section which works as expected. You
> can also try it to see whether it works.
>
> Hope this helps you.
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> msdnmg@microsoft.com.
>
> ==================================================
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/de fault.aspx#notif
> ications.
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscriptions/support/default.aspx .
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> --------------------
> >From: =?Utf-8?B?VmVybm9uIFBlcHBlcnM=?=
> >Subject: ResetPassword Requiring passwordAnswer
> >Date: Mon, 31 Mar 2008 19:23:02 -0700
>
> >
> >I have a site that is using membership as provided with ASP.NET. I have a
> >page to reset the password, that is only available to the site
> administrator.
> > I have RequireQuestionandAnswer set to false.
> >
> >web.config entries
> >
> >
> >
> >
> >
> >
> >
> > > >enablePasswordRetrieval="false" enablePasswordReset="true"
> >requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
> >maxInvalidPasswordAttempts="5" passwordFormat="Hashed" applicationName="/"
> >name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>
> >
> >
> >
> >VB Code
> >labelReset.Text = "Password for " & ddUsers.Text & vbCrLf & "has been
> >changed to " & User.ResetPassword()
> >
> >Whenever I run the site, and try to reset a password, I get an error that
> >the passwordAnswer can't be null. How do I fix this?
> >
> >
>
>

RE: ResetPassword Requiring passwordAnswer

That's great! I'm glad that the problem is resolved.

Have a nice day!

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/de fault.aspx#notif
ications.

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: =?Utf-8?B?VmVybm9uIFBlcHBlcnM=?=
>References: <38AFE0FE-452F-480C-85E2-14DCD45541C9@microsoft.com>
<2jMsiT9kIHA.3756@TK2MSFTNGHUB02.phx.gbl>
>Subject: RE: ResetPassword Requiring passwordAnswer
>Date: Tue, 1 Apr 2008 06:20:01 -0700

>
>That fixed it. Thanks ever so much.
>
>"Steven Cheng [MSFT]" wrote:
>
>> Hi vpeppers,
>>
>> Regarding on the your description, you found that the "ResetPassword"
>> (without RequireQuestionAndAnswer) not work as expected in your ASP.NET
>> application, correct?
>>
>> I've performed a quick test via a simple ASP.NET application that use
SQL
>> membership provider. When you set "requiresQuestionAndAnswer" to
"false",
>> you should be able to call "ResetPassword" without giving the answer(of
the
>> secure question). I think the problem should be caused by something else.
>>
>> In the configuration section you provided, you use the following schema
to
>> register your customized provider:
>>
>> ===========
>>
>>
>> >> enablePasswordRetrieval="false" enablePasswordReset="true"
>> requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
>> maxInvalidPasswordAttempts="5" passwordFormat="Hashed"
applicationName="/"
>> name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>
>>
>>
>> ==========
>>
>> However, I found that you haven't specify the "defaultProvider" as
below.
>> This is required if you want the ASP.NET membership to use your new
>> custoimzed provider, otherwise, the runtime may still use the default
>> provider(set in the machine.config level):
>>
>>
>>
>> you can even first clear all the old providers. e.g.
>>
>> =============
>>
>>
>>
>> >> type="System.Web.Security.SqlMembershipProvider,
System.Web,
>> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
>> connectionStringName="MYASPDBConnectionString"
>> enablePasswordRetrieval="false"
>> enablePasswordReset="true"
>> requiresQuestionAndAnswer="false"
>> applicationName="/"
>> requiresUniqueEmail="false"
>> passwordFormat="Hashed"
>> maxInvalidPasswordAttempts="5"
>> minRequiredPasswordLength="7"
>> minRequiredNonalphanumericCharacters="1"
>> passwordAttemptWindow="10"
>> passwordStrengthRegularExpression="" />
>>
>>
>> =================
>>
>> Above is my test membership configure section which works as expected.
You
>> can also try it to see whether it works.
>>
>> Hope this helps you.
>>
>> Sincerely,
>>
>> Steven Cheng
>>
>> Microsoft MSDN Online Support Lead
>>
>>
>> Delighting our customers is our #1 priority. We welcome your comments
and
>> suggestions about how we can improve the support we provide to you.
Please
>> feel free to let my manager know what you think of the level of service
>> provided. You can send feedback directly to my manager at:
>> msdnmg@microsoft.com.
>>
>> ==================================================
>> Get notification to my posts through email? Please refer to
>>
http://msdn.microsoft.com/subscriptions/managednewsgroups/de fault.aspx#notif
>> ications.
>>
>> Note: The MSDN Managed Newsgroup support offering is for non-urgent
issues
>> where an initial response from the community or a Microsoft Support
>> Engineer within 1 business day is acceptable. Please note that each
follow
>> up response may take approximately 2 business days as the support
>> professional working with you may need further investigation to reach
the
>> most efficient resolution. The offering is not appropriate for
situations
>> that require urgent, real-time or phone-based interactions or complex
>> project analysis and dump analysis issues. Issues of this nature are
best
>> handled working with a dedicated Microsoft Support Engineer by
contacting
>> Microsoft Customer Support Services (CSS) at
>> http://msdn.microsoft.com/subscriptions/support/default.aspx .
>> ==================================================
>> This posting is provided "AS IS" with no warranties, and confers no
rights.
>>
>>
>>
>> --------------------
>> >From: =?Utf-8?B?VmVybm9uIFBlcHBlcnM=?=
>> >Subject: ResetPassword Requiring passwordAnswer
>> >Date: Mon, 31 Mar 2008 19:23:02 -0700
>>
>> >
>> >I have a site that is using membership as provided with ASP.NET. I
have a
>> >page to reset the password, that is only available to the site
>> administrator.
>> > I have RequireQuestionandAnswer set to false.
>> >
>> >web.config entries
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > >> >enablePasswordRetrieval="false" enablePasswordReset="true"
>> >requiresUniqueEmail="false" requiresQuestionAndAnswer="false"
>> >maxInvalidPasswordAttempts="5" passwordFormat="Hashed"
applicationName="/"
>> >name="SQLProvider" type="System.Web.Security.SqlMembershipProvider"/>
>> >
>> >
>> >
>> >VB Code
>> >labelReset.Text = "Password for " & ddUsers.Text & vbCrLf & "has been
>> >changed to " & User.ResetPassword()
>> >
>> >Whenever I run the site, and try to reset a password, I get an error
that
>> >the passwordAnswer can't be null. How do I fix this?
>> >
>> >
>>
>>
>