tags:

views:

155

answers:

1
+1  Q: 

How do I set minumum password requirements in Umbraco for the membership provider?

I am trying to set minimum password requirements for my membership provider in Umbraco. Currently my web.config membership section looks like this:

   <membership defaultProvider="UmbracoMembershipProvider" userIsOnlineTimeWindow="15">
      <providers>
        <clear />
        <add name="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Another Type" passwordFormat="Hashed" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" />
        <add name="UsersMembershipProvider" type="umbraco.providers.UsersMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordFormat="Hashed" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" />
      </providers>
    </membership>

However, when I login in through the website and change my password, it will let me use a password of any length and makeup. Is there something I'm missing? Thanks!

+1  A: 

Typically custom membership provider settings are passed as custom xml attributes on the tag itself. You can see one there already: "userIsOnlineTimeWindow." Fire up Reflector and have a dig around the Assembly containing that provider, or praise-jeebus, RTFM. :D

-Oisin

x0n  2009-10-30 20:00:32
Manuals? Who reads manuals? j/k Yeah, I've been all over Umbraco's forum and MSDN with to no avail. Figured I'd go to source of all knowledge, SO, before I trudge through endless search results on Google.
jlech  2009-10-30 20:05:31

related questions

after running aspnet_regsql.exe , do I have to init the db with data? how?
Not using e-mail address in a custom MembershipProvider?
How to pass the current user to a web control declaratively
How do you rename a Role using Membership in .NET?
What encryption algorithm does the .net membership provider use?
Membership.GetUser() & MARS
Web.config editing for Membership Role Authorization
Globalization of Membership exceptions isn't taking place... What to do?
OpenId development while disconnected from Internet
programmatic login with .net membership provider
Addin extra properties to MembershipProvider
ASP.Net Providers from web server in DMZ
ASP.NET PasswordRecovery Control with Localized content
Examples of asp.net mvc and authentication
ASP.NET Membership for high security scenarios?
ASP.NET Forms Authentication With Only UserName
What to use for membership in ASP.NET
How can I wrap a transaction around Membership.CreateUser?
New site creation and security/authentication,- should I use ASP.net Membership Provider?
ASP.NET WSAT (Website Administration Tool) and Custom Membership Providers
How do you manage asp.net SQL membership roles/users in production?
How to access UserId in ASP.NET Membership without using Membership.GetUser() ?
Can I use OpenId with the ASP MembershipProvider?
How do you pass an authenticaticated session between app domains
Class design decision