我继承了一个相当复杂的 ASP.NET 网站,它使用 AspNetSqlMembershipProvider 成员身份验证。该网站上有一个重置密码功能,可以重置用户密码并将其通过电子邮件发送给他们。然而,用户却遇到了麻烦,因为新的自动生成密码非常复杂:由标点符号、数字和字母组成的 14 个字符。一些用户(它有老年用户群)甚至不知道如何在键盘上创建某些字符。
因此,我被要求强制自动生成的密码长度为 7 个字符,并且如果可能,仅包含字母数字字符。
我读过这篇文章 http://weblogs.asp.net/owscott/archive/2005/05/11/Changing-the-Password-Complexity-in-ASP.NET-V2.0.aspx 其中有人在另一个 Stack Overflow 问题上发布了一个有用的链接,但它似乎与自动生成的密码无关,只与用户生成的密码有关。
web.config 文件中的行是这样的:
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=y03f5f7f11d50a34" connectionStringName="theSite" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="theSiteApp" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
有谁知道如何驯服自动生成的密码吗?
I've inherited quite a complex ASP.NET website, which uses AspNetSqlMembershipProvider member authentication. There's a reset password feature on the site which resets a users password and emails it to them. However, users are struggling because the new auto-generated password is very complex: 14 characters of punctuation, numbers and letters. Some users (it has an elderly user-base) don't even know how to create some of the characters on their keyboards.
So I've been asked to force the auto-generated passwords to be 7 characters in length and if possible only contain alphanumeric characters.
I've read this post http://weblogs.asp.net/owscott/archive/2005/05/11/Changing-the-Password-Complexity-in-ASP.NET-V2.0.aspx which someone on a different Stack Overflow question posted as a helpful link, but it doesn't seem to relate to auto-generated passwords, only user-generated ones.
The line in the web.config file is like this:
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=y03f5f7f11d50a34" connectionStringName="theSite" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="theSiteApp" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
Does anyone know how to tame auto-generated passwords?
发布评论
评论(1)
我找到了一个解决方案 - 尽管有点hacky:forums.asp.net/p/1148079/2175576.aspx。
I've found a solution - albeit a little hacky: forums.asp.net/p/1148079/2175576.aspx.