Changing the password rules for Forms Authentication
An annoying feature of the forms authentication controls shipped with VS2005 is that it forces users to enter non-alphanumberic characters in their passwords by default.. e.g. password would have to be password!
Fortunately, this option can be turned off by adding a membership provider section to your web.config
The following setting controls the non-alphanumeric..
minRequiredNonalphanumericCharacters="0"
Below is an example of what you need to add to the <system.web> section
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
connectionStringName="LocalSqlServer"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/YourWebSiteName"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</membership>
| Author |
: Paul Hayman |
| Published |
: Wednesday, 28 June, 2006 |
Paul is the COO of kwiboo ltd consultant and has more than a decade of IT consultancy experience. He has consulted for a number of blue chip companies and has been exposed to the folowing sectors: Utilities, Telecommunications, Insurance, Media, Investment Banking, Leisure, Legal, CRM, Pharmaceuticals, Interactive Gaming, Mobile Communications, Online Services.
Paul is the COO and co-founder of kwiboo (http://www.kwiboo.com/) and is also the creator of GeekZilla.