views:

134

answers:

1

Hello, I'm using the asp.net Membership Provider in an application. I'm also using the "out of the box" asp:PasswordRecovery control.

My client is complaining that the new passwords being issued are too complicated. e.g. }>;-(hYrS^OTfY

Are there any small tweaks I can make so the new passwords only contain letters and numbers?

thanks!

+1  A: 

This worked:

    using System;
using System.Collections.Generic;
using System.Web.Profile;
using System.Web.Security;
using System.Text;

namespace TS.Common.MembershipProvider
{
    public class MembershipProvider : SqlMembershipProvider
    {
     /// Create an array of characters to user for password reset.
     /// Exclude confusing or ambiguous characters such as 1 0 l o i
     string[] characters = new string[] { "2", "3", "4", "5", "6", "7", "8",
      "9", "a", "b", "c", "d", "e", "f", "g", "h", "j", "k", "m", "n",
      "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"};

     const int DefaultResetPasswordLength = 10;
     private int ResetPasswordLength;

     // Create a more user friendly password to avoid confusion when
     // trying to key in the new value
     public override string GeneratePassword()
     {
      string newPassword = string.Empty;
      System.Random rnd = new Random();

      for (int i = 0; i < ResetPasswordLength; i++)
      {
       newPassword +=
       characters[rnd.Next(characters.GetUpperBound(0))];
      }
      return newPassword;
     }
    }

}

aron

related questions