Click here to Skip to main content
15,942,756 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
can i update password if i give the correct security question and old password. by the question you may get i have a login form which stores three thing a security question a password and a username. i have a form on which there is a textbox on which username have to type and then a second form will open which will contain the security question of the user i want to add a update thiing like forgot your pasword then just reset it or change your pasword till now i have done that coding is
C#
public void button1_Click(object sender, EventArgs e)
        {
            {
                SqlConnection con = new SqlConnection();
                con.ConnectionString = @"Data Source=.\SQLEXPRESS;AttachDbFilename=c:\documents and settings\aquib\my documents\visual studio 2010\Projects\labelnameinsecondformtry\labelnameinsecondformtry\Database1.mdf;Integrated Security=True;User Instance=True";
                string q = ("select SEC_QUESTION,PASSWORD from Table1 where USERNAME='" + textBox1.Text + "'");
                con.Open();
                SqlCommand cmd = new SqlCommand(q, con);
                SqlDataReader dr = cmd.ExecuteReader();
                if (dr.HasRows == true)
                {
                    Form2 f2 = new Form2();
                    while (dr.Read())
                    {
                        f2.label1.Text = dr["SEC_QUESTION"].ToString();
                        f2.textBox2.Text = dr["PASSWORD"].ToString();
                    }
                    dr.Close();
                    con.Close();
                    f2.Show();
                }
Posted
Updated 1-Sep-12 7:30am
v2

Have a look at: ASP.NET Authentication[^], Forms Authentication Provider[^], Managing Users by Using Membership[^] and ASP.NET Login Controls[^]

Pay attention to the The ChangePassword Control which allows users to change their password. The user must first supply the original password and then create and confirm the new password. If the original password is correct, the user password is changed to the new password. The control also includes support for sending an e-mail message about the new password.

Use the mechanisms provided by .Net, the ChangePassword Control can be customized to suit your needs.

Perhaps you'll be interested in this: Storing Passwords Securely[^]

Best regards
Espen Harlinn
 
Share this answer
 
v3
Comments
Wendelius 2-Sep-12 2:11am    
You're correct. Probably this is ASP.NET so using these would be the right way to go. 5'd
Espen Harlinn 2-Sep-12 4:30am    
Thank you, Mika - sounds like OP is not using a one way hash, and that he is actually storing the passwords in the db :shudder:
Wendelius 2-Sep-12 5:33am    
Yep, sounds like that.
sariqkhan 2-Sep-12 23:20pm    
bro. My project is small and i dont want to make it complex. So because of it i dont use SHA.... And by the way there is no such step by step implementation of SHA for beginers.
Can you help me in this?
Espen Harlinn 3-Sep-12 5:37am    
Forms authentication is already implemented by .Net - so I'm not telling you to implement it, just to use what's already there. Forms authenticaton uses the SHA-1 algorithm.
Do you mean how you change the password. If that's the question, as long as you have necessary privileges, you can use the ALTER LOGIN[^] statement to change the password. For example:

SQL
ALTER LOGIN SomeLoginName WITH PASSWORD = 'NewPasswordToBeSet';


Note: Never directly concatenate values to your SQL statement. That leaves you open to SQL injections, data type conversion problems and so on. Instead use SqlParameter[^].
 
Share this answer
 
Comments
[no name] 1-Sep-12 14:53pm    
I don't think this will be helpful for him.
Wendelius 1-Sep-12 14:56pm    
Why do think that?
[no name] 1-Sep-12 14:59pm    
beacuse he just want to update the table column values not altering the table.
The answer will too long.
So I left it.
You please try and help him.
I'm not insulting you.
Just what I understand for the question.
Sorry if you misunderstand.
Wendelius 1-Sep-12 15:03pm    
Don't worry, I don't feel insulted at all :)

You may be right that he simply wants to update a row in a table. Hopefully the OP comes in with comments to clarify the situation.
[no name] 1-Sep-12 15:13pm    
yes, lets wait.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900