I've been trying to create the capability of changing a users password
without knowing the old password nor the answer to the password question.

Without success!

I googled a few times, also without success.

I think I need a custom provider since the default one I use to create a
user account is:

<membership>
<providers>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
enablePasswordReset="true" requiresQuestionAndAnswer="true"
applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10"
passwordStrengthRegularExpression=""/>
</providers>
</membership>

Based on the note below I wonder if I could change the password if I knew
how to make a second AspNetSqlMembershipProvider in my solution and somehow
get ResetPassword to use it. Is something like that possible?

Maybe I need a folder with its own web.config file or a completly separate
application?

Can anyone give me a little direction or code ?

Thanks in advance for any help at all


In some organizations, a Customer Service department may wish to change a
user's password to a new known value, perhaps in response to a customer
request. The ChangePassword method, which appears to handle this need,
unfortunately requires the original user password which is usually
unavailable to the site administrator. By setting
"requiresQuestionAndAnswer" to false, "enablePasswordRetrieval" to true and
"enablePasswordReset" to true in web.config, the ResetPassword and
ChangePassword methods can be used to change a user's password to a known
value, regardless of the password format:

When you setup the SQL Server membership provider, it creates a number of
stored procedures as well as the necessary tables. Look at some of the
stored procs to see if you can call them directly to accomplish what you
want:
aspnet_Membership_SetPassword
aspnet_Membership_ResetPassword

"AAaron123" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I've been trying to create the capability of changing a users password
> without knowing the old password nor the answer to the password question.
>
> Without success!
>
> I googled a few times, also without success.
>
> I think I need a custom provider since the default one I use to create a
> user account is:
>
> <membership>
> <providers>
> <add name="AspNetSqlMembershipProvider"
> type="System.Web.Security.SqlMembershipProvider, System.Web,
> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
> enablePasswordReset="true" requiresQuestionAndAnswer="true"
> applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed"
> maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7"
> minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10"
> passwordStrengthRegularExpression=""/>
> </providers>
> </membership>
>
> Based on the note below I wonder if I could change the password if I knew
> how to make a second AspNetSqlMembershipProvider in my solution and
> somehow
> get ResetPassword to use it. Is something like that possible?
>
> Maybe I need a folder with its own web.config file or a completly separate
> application?
>
> Can anyone give me a little direction or code ?
>
> Thanks in advance for any help at all
>
>
> In some organizations, a Customer Service department may wish to change a
> user's password to a new known value, perhaps in response to a customer
> request. The ChangePassword method, which appears to handle this need,
> unfortunately requires the original user password which is usually
> unavailable to the site administrator. By setting
> "requiresQuestionAndAnswer" to false, "enablePasswordRetrieval" to true
> and
> "enablePasswordReset" to true in web.config, the ResetPassword and
> ChangePassword methods can be used to change a user's password to a known
> value, regardless of the password format:
>
>
>

Without documentation I don't think I could use them. For example,
PasswordSalt and PasswordFormat; I have no idea how to specify them. I
searched in Help for PasswordSalt and did get hits but I don't think they
apply.

If I, for example, Google for Set Password AspNetSqlMembershipProvider I
get many hits but they all seem to be looking for help, not giving it.
Actually, there are also some good tutorial articles that get close to my
problem, but not close enough. I Googled many combinations of keys with the
same result. I beginning to think no one knows how to do it.

I suppose it's possible that except with some very low level coding it can't
be done - maybe MS wanted it that way.

Thanks for replying


"Paul Shapiro" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> When you setup the SQL Server membership provider, it creates a number of
> stored procedures as well as the necessary tables. Look at some of the
> stored procs to see if you can call them directly to accomplish what you
> want:
> aspnet_Membership_SetPassword
> aspnet_Membership_ResetPassword
>
> "AAaron123" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> I've been trying to create the capability of changing a users password
>> without knowing the old password nor the answer to the password question.
>>
>> Without success!
>>
>> I googled a few times, also without success.
>>
>> I think I need a custom provider since the default one I use to create a
>> user account is:
>>
>> <membership>
>> <providers>
>> <add name="AspNetSqlMembershipProvider"
>> type="System.Web.Security.SqlMembershipProvider, System.Web,
>> Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
>> connectionStringName="LocalSqlServer" enablePasswordRetrieval="false"
>> enablePasswordReset="true" requiresQuestionAndAnswer="true"
>> applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed"
>> maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7"
>> minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10"
>> passwordStrengthRegularExpression=""/>
>> </providers>
>> </membership>
>>
>> Based on the note below I wonder if I could change the password if I knew
>> how to make a second AspNetSqlMembershipProvider in my solution and
>> somehow
>> get ResetPassword to use it. Is something like that possible?
>>
>> Maybe I need a folder with its own web.config file or a completly
>> separate
>> application?
>>
>> Can anyone give me a little direction or code ?
>>
>> Thanks in advance for any help at all
>>
>>
>> In some organizations, a Customer Service department may wish to change a
>> user's password to a new known value, perhaps in response to a customer
>> request. The ChangePassword method, which appears to handle this need,
>> unfortunately requires the original user password which is usually
>> unavailable to the site administrator. By setting
>> "requiresQuestionAndAnswer" to false, "enablePasswordRetrieval" to true
>> and
>> "enablePasswordReset" to true in web.config, the ResetPassword and
>> ChangePassword methods can be used to change a user's password to a known
>> value, regardless of the password format:
>>
>>
>>
>