Membership Provider and validating password strength

Membership Provider and validating password strength

by Peter Hancock 16. May 2008 06:29

I was finishing off a custom membership provider as part of a migration of code, and one of the requirements was to ensure that the login password in the membership provider matched the password strength requirements of the customers LDAP directory. PasswordStrengthRegularExpression was the obvious way to do it.

After fussing around and trying to test it, I finally downloaded the SqlMembershipProvider source code, and found the missing part.

Override the OnValidatingPassword event, and use that event to validate the strength of the password

Validate MinRequiredPasswordLength
Validate MinRequiredNonAlphanumericCharacters
Validate PasswordStrengthRegularExpression. (voila)

It's a pity, the sample ODBCMembershipProvider doesn't actually mention in the MSDN documentation that this should occur.

Currently rated 4.0 by 2 people

Currently 4/5 Stars.
1
2
3
4
5

provider asp.net

Software development

Related posts

Agile teams and rotating developersLet's rotate developers on a regular basis from one team to a next to share skills!Continuous database integrationRepost of article I wrote a long time ago for CodeProjectDesign Patterns and Wine TastingComparing wine tasting and design patterns? Perhaps I've had too much wine

Add comment

Name*
E-mail* (Will show your Gravatar icon)
Website
Country

Comment*

Notify me when new comments are added

Live preview

November 22. 2008 13:42

Recent posts

Membership Provider and validating password strengthComment: 0Rating: 4 / 2
Web deployment project CTP for VS2008 - missing connectionStrings elementComment: 8Rating: 3.5 / 2
Churn for banksComment: 0Rating: 0 / 0
Schema trap with SQL 2005Comment: 0Rating: 4 / 3
Code Hoarders and RewritersComment: 1Rating: 5 / 1
Underestimating the Customer ExperienceComment: 0Rating: 4 / 1
Avoid People TelecomComment: 0Rating: 5 / 1
NegativityComment: 0Rating: 3.3 / 3
Naming MethodsComment: 0Rating: 0 / 0
Autogenerating constants from a databaseComment: 3Rating: 0 / 0

Recent comments

Web deployment project CTP for VS2008 - missing connectionStrings element (8)
Peter Hancock wrote: Sorry Sheree, not this one :-(... [More]
Web deployment project CTP for VS2008 - missing connectionStrings element (8)
Sheree wrote: I'm trying to track down Peter Hancock who went to... [More]
Code Hoarders and Rewriters (1)
Nigel Thorne wrote: I feel your pain Pete. There is a trade off be... [More]
Web deployment project CTP for VS2008 - missing connectionStrings element (8)
Peter Hancock wrote: @KD - nice. I'll be interested to see what they d... [More]
Web deployment project CTP for VS2008 - missing connectionStrings element (8)
KN wrote: After further working on the solution I changed my... [More]
Web deployment project CTP for VS2008 - missing connectionStrings element (8)
KN wrote: This is what I did to fix the issue - mainly becau... [More]
Web deployment project CTP for VS2008 - missing connectionStrings element (8)
Peter Hancock wrote: It actually builds to temp directory and never cop... [More]
Web deployment project CTP for VS2008 - missing connectionStrings element (8)
Derek wrote: Thanks for the tip! This worked for me as you desc... [More]
Autogenerating constants from a database (3)
Andrew Connolly wrote: Lastly, I know there is an error in the generated ... [More]
Autogenerating constants from a database (3)
Andrew Connolly wrote: Now the final extension to this is what happens if... [More]

Archive

Authors

Categories

Blogroll

Download OPML file OPML

OPML