Examining ASP.NET's Membership, Roles, and Profile - Part 16

Posted by: 4GuysFromRolla.com Headlines, on 08 Jul 2009 | View original | Bookmarked: 0 time(s)

Expiring passwords are a common technique used for improving the security of a computer system. In a nutshell, the system specifies a number of days for which a given password is valid, be it 30 days, 90 days, 120 days, or longer. Once this validity window passes, a user must change her password to a new one before being able to log in. Operating systems like Microsoft Windows have long provided such functionality, but password expiry is a feature that is not as prevalent in web applications.

The ASP.NET Membership system and Login Web controls do not offer out of the box support for password expiry. However, all of the pieces are there for us to implement password expiry; it takes just a dash of markup here and a pinch of code there. For example, the Login Web controls include a ChangePassword control, which allows a user to reset his password. The Membership system already tracks the last date and time a user changed his password, and with a few lines of code we can customize the authentication logic for the Login control, prohibiting users whose password has expired from logging in.

This article shows how to implement password expiry in an ASP.NET application that uses the SqlMembershipProvider Membership provider; the complete code is available for download at the end of this article. Read on to learn more!
Read More >

Category: ASP.NET | Other Posts: View all posts by this blogger | Report as irrelevant | View bloggers stats | Views: 1444 | Hits: 55

Similar Posts

  • Examining ASP.NET 2.0's Membership, Roles, and Profile - Part 18 more
  • Scenarios for WS-Passive and OpenID more
  • ASP.NET Membership Tip: Requiring New Users To Change Their Password When Logging On For The First Time more
  • Why Embedded Silverlight Makes Sense more
  • Lets build an Application Together. more
  • May 30th Links: ASP.NET, AJAX, ASP.NET MVC, Visual Studio more
  • Next Four Hosting Tutorials Now Online more
  • Nov 6th Links: ASP.NET, ASP.NET AJAX, jQuery, ASP.NET MVC, Silverlight and WPF more
  • Email Verification for New Accounts via ASP.NET's Membership Framework more
  • .NET Framework Client Profile more

News Categories

.NET | Agile | Ajax | Architecture | ASP.NET | BizTalk | C# | Certification | Data | DataGrid | DataSet | Debugger | DotNetNuke | Events | GridView | IIS | Indigo | JavaScript | Mobile | Mono | Patterns and Practices | Performance | Podcast | Refactor | Regex | Security | Sharepoint | Silverlight | Smart Client Applications | Software | SQL | VB.NET | Visual Studio | W3 | WCF | WinFx | WPF | WSE | XAML | XLinq | XML | XSD