How to Change Encrepted password new password

Question

1.00/5 (2 votes)

See more:

C#

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace TaxInvestments.Account
{
    public partial class ChangePassword : System.Web.UI.Page
    {
        TaxSavingInvestmentsEntities taxEntity = new TaxSavingInvestmentsEntities();
        User userDetails = new User();
        protected void Page_Load(object sender, EventArgs e)
        {
            
        }
    }
}

Hear we have three textboxes

old password
new password
confirm pass

using ado.net linq

Posted 11-Jun-12 23:47pm

2011999

Updated 11-Jun-12 23:53pm

v4

Add a Solution

Comments

Rahul Rajat Singh 12-Jun-12 5:52am

Please elaborate

Legor 12-Jun-12 6:00am

Improve the question please.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Rahul Rajat Singh · Answer 1 · 2012-06-12T00:00:00

I will give you an algorithm for password change.

1. ask the user his existing password.
2. encrypt this value using same encryption technique that was used with original password.
3. Compare that the user entered value is matching the existing value in the DB.
4. Ask him to enter and re enter password.
5. Check for the password strength, if you have some constraints/criteria for that.
6. match the entry and reentry of password.
7. Encrypt this using the same encryption technique.
8. Update the password field in the DB and let the user know his change had taken effect.

As an additional step of security you can even send an email to the user after step 3 is successful. that email will contain a unique short-lived token to identify the user and will take the user to a page that will accept new password. this way even if someone know existing password will not be able to change it as he might not have access to the email.

I hope it helps. let me know if you need more clarifications.