Click here to Skip to main content
15,306,686 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
I want to remove email field from CreateUserWizard. I removed email by adding 'requiresUniqueEmail="false" ' to web.config and setting 'Enables="false" ' of 'EmailRequired'.
But now my concern is how user can get his password when he reset password by ForgotPassword using 'PasswordRecovery'.
I want to send that password by sms to user's mobile number instead of on his email id.
How can I get either the decrypted password from aspnet_Membership table or send decrypted password on mobile number instead of email id.

What I have tried:

1) I have tried to decrypt password using password & password salt from aspnet_Membership table.
2) Tried code as per below article,it shows decryptionKey s wrong.
http://www.byteblocks.com/post/2011/05/03/Decrypt-password-in-SqlMembershipProvider.aspx
Posted
Comments
DotNetSteve 13-Feb-16 10:14am
   
It seems as though you have two issues your trying to address. 1. How can I store a phone number to send a password to and 2. I want to decrypt the password and send it back via sms.

I personally would re-think sending a password. Your opening yourself up to an attack vector for stealing passwords. You should create a new password and force a password reset on login.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900