Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > How to change strong password policy in ASP.NET

Reply
Thread Tools

How to change strong password policy in ASP.NET

 
 
jake@henderson3.net
Guest
Posts: n/a
 
      03-09-2006
Hi.
I am building web apps in visual web developer 2005 express and SQL
2005 express. Users have complained about the strong password policy,
so I would like to change it to somthing like at least 5 letters and 1
number. Thanks for the help in advance.
-Jake

 
Reply With Quote
 
 
 
 
Juan T. Llibre
Guest
Posts: n/a
 
      03-10-2006
By default, the ASP.NET membership providers enforce strong passwords.

For example, the SqlMembershipProvider ensures that passwords are at
least seven characters in length with at least one non-alphanumeric character.

You should ensure that your membership provider configuration
enforces passwords of at least this strength, for maximum security.

If you want to lessen the password complexity rules enforced by your provider,
you can set the following additional attributes in the providers section of your
<membership defaultProvider...> element of web.config :

minRequiredPasswordLength
The default is 7.

minRequiredNonalphanumericCharacters
The default is 1.

See :
http://msdn2.microsoft.com/en-us/lib...ordlength.aspx

Why you would do that is beyond me, though.
I would *never* lessen the security of my ASP.NET apps.



Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en espaņol : http://asp.net.do/foros/
===================================

<(E-Mail Removed)> wrote in message news:(E-Mail Removed) oups.com...
> Hi.
> I am building web apps in visual web developer 2005 express and SQL
> 2005 express. Users have complained about the strong password policy,
> so I would like to change it to somthing like at least 5 letters and 1
> number. Thanks for the help in advance.
> -Jake
>




 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: "Strong typing vs. strong testing" namekuseijin Python 229 10-29-2010 09:02 AM
Re: "Strong typing vs. strong testing" namekuseijin C Programming 214 10-17-2010 01:12 PM
Change a users password without knowing the old password nor the answer to the password question AAaron123 ASP .Net 1 01-16-2009 02:56 PM
Password policy (password expiry after certain time) morph Cisco 0 05-20-2008 08:46 PM
Compilation fails when a windows form user control is assigned a strong name but it refers to an activex control which does not have strong name ashish_gokhale ASP .Net Web Controls 0 05-05-2005 01:38 PM



Advertisments