Force a user to create password on first Login

Question

0.00/5 (No votes)

See more:

Is there a way to let the system generate the random password and send email to the user with a link to login page where user is required to create his own password. I saw various examples talking about ASP.NET membership table but that table is not in Identity 2.o. I think on similar term user can be forced to change password after few days (say 60 days)

Posted 5-Aug-14 10:13am

Member 10993830

Updated 24-May-20 4:14am

Add a Solution

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

W∴ Balboos, *GHB* · Answer 1 · 2020-05-24T04:15:00

To check a password you must have the user's account stored somewhere and a (hopefully) hashed password for comparison. Now, make sure you also have a column in your storage (SQL table, for example) that has a datetime value and allows NULL .

When you create the account the date is NULL. Just check the date and if it IS NULL than don't let the user do anything but update their password. When they change their password then update the field with the current date/time (that is GetDate() ).

Now, whenever they log in you can check for the last update date. If it is null or more than the number of days you set it will go to the force-new-password screen.

You may wish to keep track of their previous password (it's hash) and make sure they don't change it to itself. You can ever store several to make sure they keep changing it for any number of times you wish to make sure they don't keep switching back and forth to the same one(s).

Finally - I am assuming you know more or less how to code and just need this particular problem solved. It's good to look online but it's BETTER if you try to figure out a solution, yourself. That's how you learn to solve problems - not by copying what someone else has done. That is if you wish to be a cut above the rest of those who are "learning to program".

Suraj Sahoo | Coding Passion · Answer 2 · 2014-09-24T02:17:00

It is better you check the days for last password change and for sending the random password generated by the system, you can use GUID the best unique secure and random values, produced by Microsoft. Follow here GUID[^]
You can also have a windows service to be regularly called in time given to send mail for password update along with a random password.

Hope this helps
Thanks :)

thatraja · Answer 3 · 2014-09-02T23:21:00

Solution 1

Few resources
Forced change password upon first login[^]
Password Reset with SimpleMembership[^]
Free attachment
Implement secure ASP.NET MVC applications[^]

Posted 2-Sep-14 23:21pm

thatraja

Force a user to create password on first Login

3 solutions

Solution 12

Solution 2

Solution 1

Add your solution here

Preview 0