Click here to Skip to main content
14,769,975 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Is there a way to let the system generate the random password and send email to the user with a link  to login page where user is required to create his own password. I saw various examples talking about ASP.NET membership table but that table is not in Identity 2.o. I think on similar term user can be forced to change password after few days (say 60 days)
		    
Posted
Updated 24-May-20 5:14am

To check a password you must have the user's account stored somewhere and a (hopefully) hashed password for comparison. Now, make sure you also have a column in your storage (SQL table, for example) that has a datetime value and allows NULL .

When you create the account the date is NULL. Just check the date and if it IS NULL than don't let the user do anything but update their password. When they change their password then update the field with the current date/time (that is GetDate() ).

Now, whenever they log in you can check for the last update date. If it is null or more than the number of days you set it will go to the force-new-password screen.

You may wish to keep track of their previous password (it's hash) and make sure they don't change it to itself. You can ever store several to make sure they keep changing it for any number of times you wish to make sure they don't keep switching back and forth to the same one(s).

Finally - I am assuming you know more or less how to code and just need this particular problem solved. It's good to look online but it's BETTER if you try to figure out a solution, yourself. That's how you learn to solve problems - not by copying what someone else has done.   That is if you wish to be a cut above the rest of those who are "learning to program".
   
It is better you check the days for last password change and for sending the random password generated by the system, you can use GUID the best unique secure and random values, produced by Microsoft. Follow here GUID[^]
You can also have a windows service to be regularly called in time given to send mail for password update along with a random password.

Hope this helps
Thanks :)
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900