ASP.NET Membership Provider password configuration

Question

How can I set up membership provider to only accept passwords that adhere to the following rules:

Minimum 6 characters

Contains at least one letter and number

Should be case sensitive

Answer 1

You can add/set the membership provider of your choice or alter default settings in web.config file. Under < system.web > section you may set:

<system.web>
    <authentication mode="Forms"/>
    <membership defaultProvider="...">
        <providers>
            <add name="MyProvider" passwordStrengthRegularExpression="reg. expression" ...other stuff.../>
        </providers>
    </membership>
</system.web>

Using the passwordStrengthRegularExpression property you can use a regular expression to specify the format of valid passwords. This is the most flexible way to control the format of a valid password in your application.