Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C# database
can i update password if i give the correct security question and old password. by the question you may get i have a login form which stores three thing a security question a password and a username. i have a form on which there is a textbox on which username have to type and then a second form will open which will contain the security question of the user i want to add a update thiing like forgot your pasword then just reset it or change your pasword till now i have done that coding is
public void button1_Click(object sender, EventArgs e)
        {
            {
                SqlConnection con = new SqlConnection();
                con.ConnectionString = @"Data Source=.\SQLEXPRESS;AttachDbFilename=c:\documents and settings\aquib\my documents\visual studio 2010\Projects\labelnameinsecondformtry\labelnameinsecondformtry\Database1.mdf;Integrated Security=True;User Instance=True";
                string q = ("select SEC_QUESTION,PASSWORD from Table1 where USERNAME='" + textBox1.Text + "'");
                con.Open();
                SqlCommand cmd = new SqlCommand(q, con);
                SqlDataReader dr = cmd.ExecuteReader();
                if (dr.HasRows == true)
                {
                    Form2 f2 = new Form2();
                    while (dr.Read())
                    {
                        f2.label1.Text = dr["SEC_QUESTION"].ToString();
                        f2.textBox2.Text = dr["PASSWORD"].ToString();
                    }
                    dr.Close();
                    con.Close();
                    f2.Show();
                }
Posted 1-Sep-12 8:28am
sariqkhan1.4K
Edited 1-Sep-12 8:30am
v2
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

Have a look at: ASP.NET Authentication[^], Forms Authentication Provider[^], Managing Users by Using Membership[^] and ASP.NET Login Controls[^]
 
Pay attention to the The ChangePassword Control which allows users to change their password. The user must first supply the original password and then create and confirm the new password. If the original password is correct, the user password is changed to the new password. The control also includes support for sending an e-mail message about the new password.
 
Use the mechanisms provided by .Net, the ChangePassword Control can be customized to suit your needs.
 
Perhaps you'll be interested in this: Storing Passwords Securely[^]
 
Best regards
Espen Harlinn
  Permalink  
v3
Comments
Mika Wendelius at 2-Sep-12 2:11am
   
You're correct. Probably this is ASP.NET so using these would be the right way to go. 5'd
Espen Harlinn at 2-Sep-12 4:30am
   
Thank you, Mika - sounds like OP is not using a one way hash, and that he is actually storing the passwords in the db :shudder:
Mika Wendelius at 2-Sep-12 5:33am
   
Yep, sounds like that.
sariqkhan at 2-Sep-12 23:20pm
   
bro. My project is small and i dont want to make it complex. So because of it i dont use SHA.... And by the way there is no such step by step implementation of SHA for beginers.
Can you help me in this?
Espen Harlinn at 3-Sep-12 5:37am
   
Forms authentication is already implemented by .Net - so I'm not telling you to implement it, just to use what's already there. Forms authenticaton uses the SHA-1 algorithm.
sariqkhan at 3-Sep-12 8:12am
   
can you exagerate the form authentication. i am building windows form not asp.net page. How can i implement that technique?
Espen Harlinn at 3-Sep-12 8:32am
   
Ah, I really thought you were talking about an asp.net application. For a Windows Forms application I would consider using the PrincipalPermissionAttribute http://msdn.microsoft.com/en-us/library/system.security.permissions.principalpermissionattribute.aspx
 
If you really require a customized setup you can have a look at: http://msdn.microsoft.com/en-us/magazine/cc163807.aspx
qureshiaquib at 7-Oct-12 0:44am
   
thanx bro
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Do you mean how you change the password. If that's the question, as long as you have necessary privileges, you can use the ALTER LOGIN[^] statement to change the password. For example:
 
ALTER LOGIN SomeLoginName WITH PASSWORD = 'NewPasswordToBeSet';
 
Note: Never directly concatenate values to your SQL statement. That leaves you open to SQL injections, data type conversion problems and so on. Instead use SqlParameter[^].
  Permalink  
Comments
Sourav Sarkar-SS at 1-Sep-12 14:53pm
   
I don't think this will be helpful for him.
Mika Wendelius at 1-Sep-12 14:56pm
   
Why do think that?
Sourav Sarkar-SS at 1-Sep-12 14:59pm
   
beacuse he just want to update the table column values not altering the table.
The answer will too long.
So I left it.
You please try and help him.
I'm not insulting you.
Just what I understand for the question.
Sorry if you misunderstand.
Mika Wendelius at 1-Sep-12 15:03pm
   
Don't worry, I don't feel insulted at all :)
 
You may be right that he simply wants to update a row in a table. Hopefully the OP comes in with comments to clarify the situation.
Sourav Sarkar-SS at 1-Sep-12 15:13pm
   
yes, lets wait.
sariqkhan at 1-Sep-12 23:21pm
   
okay.. Lets wait. I think its a simple query. I have to get onto the sql queries for that. I am trying and i will post my second question which will be to correct the queries because i am not sooo good that in first try it will be a success.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Sergey Alexandrovich Kryukov 9,455
1 OriginalGriff 8,295
2 Peter Leow 4,839
3 Kornfeld Eliyahu Peter 3,210
4 Maciej Los 2,301


Advertise | Privacy | Mobile
Web03 | 2.8.150327.1 | Last Updated 2 Sep 2012
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100