Examining ASP.NET 2.0’s Membership, Roles, and Profile – Part 14
The ASP.NET Toolbox includes two Web controls for managing users’ passwords: the ChangePassword control and the PasswordRecovery control. The ChangePassword control allows a user signed into the site to change their password by entering their existing password and their new, desired password. The PasswordRecovery control is used to reset or recover a user’s password in the event that it has been forgotten. The PasswordRecovery control is used by anonymous users who need to be reminded of their password. Assuming that the Membership system is configured to require that users have a security question and answer (the default behavior), the user is presented with their security question and must correctly enter their security answer in order to have their password reset or recovered. While there are two controls for managing passwords, there are no Web controls in the Toolbox for managing a user’s security question and answer. In other words, there’s no built-in control that allows a signed in user to change her security question and answer. The good news is that while no control offers this functionality it’s not difficult to implement this feature ourselves. The MembershipUser class has a ChangePasswordQuestionAndAnswer method that modifies the security question and answer information using the configured Membership provider. This article shows how to build a page that permits a signed in user to change their security question and answer, and a demo application is available for download at the end of the article that showcases this functionality in action. Read on to learn more! Read More >
