Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > NewPasswordRegularExpression bug in ChangePassword control

Reply
Thread Tools

NewPasswordRegularExpression bug in ChangePassword control

 
 
Dmitry Duginov
Guest
Posts: n/a
 
      02-08-2008
Hi,

I am trying to enforce the following password strength rules:

8 characters minimum
including at least 2 digits
and at least one non-alphanumeric character

Web.config fragment:

<membership defaultProvider="XYZMembershipProvider">
<providers>
<add name="XYZMembershipProvider"
connectionStringName="XYZMembershipConnection"
applicationName="XYZ"
passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
enablePasswordReset="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
type="System.Web.Security.SqlMembershipProvider"/>
</providers>
</membership>

On provider level it works fine, but when I'm trying to place the same Regex
(?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
into NewPasswordRegularExpression property of ChangePassword control,
client-side validation fails for valid passwords that pass server-side
validation when NewPasswordRegularExpression is not filled.

Control markup is below. It looks like javascript-based regex parsing does
not work the same way as its client side peer. Any suggestions?

<asp:ChangePassword ID="ChangePassword1" runat="server"
NewPasswordRegularExpressionErrorMessage="New password must have at
least 8 characters, including two numbers and one special character"
PasswordHintText="Please enter a password at least 8 characters
long, containing two numbers and one special character"
NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
</asp:ChangePassword>

Regards,
Dmitry


 
Reply With Quote
 
 
 
 
Alexey Smirnov
Guest
Posts: n/a
 
      02-10-2008
On Feb 8, 8:01*pm, "Dmitry Duginov" <(E-Mail Removed)> wrote:
> Hi,
>
> I am trying to enforce the following password strength rules:
>
> 8 characters minimum
> including at least 2 digits
> and at least one non-alphanumeric character
>
> Web.config fragment:
>
> * <membership defaultProvider="XYZMembershipProvider">
> * *<providers>
> * * * * <add name="XYZMembershipProvider"
> * * * * connectionStringName="XYZMembershipConnection"
> * * * * applicationName="XYZ"
> * * * * passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
> * * * * enablePasswordReset="false"
> * * * * requiresUniqueEmail="true"
> * * * * passwordFormat="Hashed"
> * * * * type="System.Web.Security.SqlMembershipProvider"/>
> * *</providers>
> * </membership>
>
> On provider level it works fine, but when I'm trying to place the same Regex
> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
> into NewPasswordRegularExpression property of ChangePassword control,
> client-side validation fails for valid passwords that pass server-side
> validation when NewPasswordRegularExpression is not filled.
>
> Control markup is below. It looks like javascript-based regex parsing does
> not work the same way as its client side peer. Any suggestions?
>
> * * <asp:ChangePassword ID="ChangePassword1" runat="server"
> * * * * NewPasswordRegularExpressionErrorMessage="New password must have at
> least 8 characters, including two numbers and one special character"
> * * * * PasswordHintText="Please enter a password at least 8 characters
> long, containing two numbers and one special character"
> * * * * NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
> * * </asp:ChangePassword>
>
> Regards,
> Dmitry


According to MSDN the pattern should look as follows:

NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
{1,})'

http://msdn2.microsoft.com/en-us/lib...xpression.aspx

Hope this helps
 
Reply With Quote
 
 
 
 
Dmitry Duginov
Guest
Posts: n/a
 
      02-11-2008

"Alexey Smirnov" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
On Feb 8, 8:01 pm, "Dmitry Duginov" <(E-Mail Removed)> wrote:
> Hi,
>
> I am trying to enforce the following password strength rules:
>
> 8 characters minimum
> including at least 2 digits
> and at least one non-alphanumeric character
>
> Web.config fragment:
>
> <membership defaultProvider="XYZMembershipProvider">
> <providers>
> <add name="XYZMembershipProvider"
> connectionStringName="XYZMembershipConnection"
> applicationName="XYZ"
> passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
> enablePasswordReset="false"
> requiresUniqueEmail="true"
> passwordFormat="Hashed"
> type="System.Web.Security.SqlMembershipProvider"/>
> </providers>
> </membership>
>
> On provider level it works fine, but when I'm trying to place the same
> Regex
> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
> into NewPasswordRegularExpression property of ChangePassword control,
> client-side validation fails for valid passwords that pass server-side
> validation when NewPasswordRegularExpression is not filled.
>
> Control markup is below. It looks like javascript-based regex parsing does
> not work the same way as its client side peer. Any suggestions?
>
> <asp:ChangePassword ID="ChangePassword1" runat="server"
> NewPasswordRegularExpressionErrorMessage="New password must have at
> least 8 characters, including two numbers and one special character"
> PasswordHintText="Please enter a password at least 8 characters
> long, containing two numbers and one special character"
> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
> </asp:ChangePassword>


>According to MSDN the pattern should look as follows:


>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
>{1,})'


>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.changepassword.newpasswo rdregularexpression.aspx


>Hope this helps


Of course it it doesn't. I gave it a try. No difference. If you look
carefully, this regex additionally forces any password to begin with
quotation mark, nothing else. But the validation fails anyway, even if I
specify "password!99.

Let's hear what Microsoft folks think about this...

D.



 
Reply With Quote
 
Steven Cheng[MSFT]
Guest
Posts: n/a
 
      02-13-2008
Hi Dmitry,

As for the CreateUserWizard and its password regex expression, I've
performed some search and it seems there hasn't recorded an existing issue.
For the behavior you mentioned, would you also paste me a test regex
expression and some password patterns? I'd do some tests on my local side
to confirm the behavior.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: "Dmitry Duginov" <(E-Mail Removed)>
>References: <(E-Mail Removed)>

<(E-Mail Removed)>
>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
>Date: Mon, 11 Feb 2008 13:27:28 -0500


>
>
>"Alexey Smirnov" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed)...
>On Feb 8, 8:01 pm, "Dmitry Duginov" <(E-Mail Removed)> wrote:
>> Hi,
>>
>> I am trying to enforce the following password strength rules:
>>
>> 8 characters minimum
>> including at least 2 digits
>> and at least one non-alphanumeric character
>>
>> Web.config fragment:
>>
>> <membership defaultProvider="XYZMembershipProvider">
>> <providers>
>> <add name="XYZMembershipProvider"
>> connectionStringName="XYZMembershipConnection"
>> applicationName="XYZ"
>> passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
>> enablePasswordReset="false"
>> requiresUniqueEmail="true"
>> passwordFormat="Hashed"
>> type="System.Web.Security.SqlMembershipProvider"/>
>> </providers>
>> </membership>
>>
>> On provider level it works fine, but when I'm trying to place the same
>> Regex
>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
>> into NewPasswordRegularExpression property of ChangePassword control,
>> client-side validation fails for valid passwords that pass server-side
>> validation when NewPasswordRegularExpression is not filled.
>>
>> Control markup is below. It looks like javascript-based regex parsing

does
>> not work the same way as its client side peer. Any suggestions?
>>
>> <asp:ChangePassword ID="ChangePassword1" runat="server"
>> NewPasswordRegularExpressionErrorMessage="New password must have at
>> least 8 characters, including two numbers and one special character"
>> PasswordHintText="Please enter a password at least 8 characters
>> long, containing two numbers and one special character"
>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
>> </asp:ChangePassword>

>
>>According to MSDN the pattern should look as follows:

>
>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
>>{1,})'

>
>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.change

password.newpasswordregularexpression.aspx
>
>>Hope this helps

>
>Of course it it doesn't. I gave it a try. No difference. If you look
>carefully, this regex additionally forces any password to begin with
>quotation mark, nothing else. But the validation fails anyway, even if I
>specify "password!99.
>
>Let's hear what Microsoft folks think about this...
>
>D.
>
>
>
>


 
Reply With Quote
 
Dmitry Duginov
Guest
Posts: n/a
 
      02-14-2008

"Steven Cheng[MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi Dmitry,
>
> As for the CreateUserWizard and its password regex expression, I've
> performed some search and it seems there hasn't recorded an existing
> issue.
> For the behavior you mentioned, would you also paste me a test regex
> expression and some password patterns? I'd do some tests on my local side
> to confirm the behavior.


Steven, the complete information to reproduce the bug has been included into
original message below. But of course I can copy and paste it, no problem.

<asp:ChangePassword ID="ChangePassword1" runat="server"
NewPasswordRegularExpressionErrorMessage="New password must have at least 8
characters, including two numbers and one special character"
PasswordHintText="Please enter a password at least 8 characters long,
containing two numbers and one special character"
NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
</asp:ChangePassword>

Example of the password: password!99

D.

>>From: "Dmitry Duginov" <(E-Mail Removed)>
>>References: <(E-Mail Removed)>

> <(E-Mail Removed)>
>>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
>>Date: Mon, 11 Feb 2008 13:27:28 -0500

>
>>
>>
>>"Alexey Smirnov" <(E-Mail Removed)> wrote in message
>>news:(E-Mail Removed)...
>>On Feb 8, 8:01 pm, "Dmitry Duginov" <(E-Mail Removed)> wrote:
>>> Hi,
>>>
>>> I am trying to enforce the following password strength rules:
>>>
>>> 8 characters minimum
>>> including at least 2 digits
>>> and at least one non-alphanumeric character
>>>
>>> Web.config fragment:
>>>
>>> <membership defaultProvider="XYZMembershipProvider">
>>> <providers>
>>> <add name="XYZMembershipProvider"
>>> connectionStringName="XYZMembershipConnection"
>>> applicationName="XYZ"
>>> passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
>>> enablePasswordReset="false"
>>> requiresUniqueEmail="true"
>>> passwordFormat="Hashed"
>>> type="System.Web.Security.SqlMembershipProvider"/>
>>> </providers>
>>> </membership>
>>>
>>> On provider level it works fine, but when I'm trying to place the same
>>> Regex
>>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
>>> into NewPasswordRegularExpression property of ChangePassword control,
>>> client-side validation fails for valid passwords that pass server-side
>>> validation when NewPasswordRegularExpression is not filled.
>>>
>>> Control markup is below. It looks like javascript-based regex parsing

> does
>>> not work the same way as its client side peer. Any suggestions?
>>>
>>> <asp:ChangePassword ID="ChangePassword1" runat="server"
>>> NewPasswordRegularExpressionErrorMessage="New password must have at
>>> least 8 characters, including two numbers and one special character"
>>> PasswordHintText="Please enter a password at least 8 characters
>>> long, containing two numbers and one special character"
>>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
>>> </asp:ChangePassword>

>>
>>>According to MSDN the pattern should look as follows:

>>
>>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
>>>{1,})'

>>
>>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.change

> password.newpasswordregularexpression.aspx
>>
>>>Hope this helps

>>
>>Of course it it doesn't. I gave it a try. No difference. If you look
>>carefully, this regex additionally forces any password to begin with
>>quotation mark, nothing else. But the validation fails anyway, even if I
>>specify "password!99.
>>
>>Let's hear what Microsoft folks think about this...
>>
>>D.
>>
>>
>>
>>

>



 
Reply With Quote
 
Dmitry Duginov
Guest
Posts: n/a
 
      02-14-2008

"Steven Cheng[MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...

MSDN states that:

Client-Side Validation for ASP.NET Server ControlsThere are a few minor
differences associated with client-side validation: ... Client-side regular
expressions differ in small details from the regular ...


But the specific differences between client-side and server side Regex
implementation in ASP.NET is nowhere to be found. Now I recall I used to
have similar problem back in 2003 - the same Regex worked differently on
client and server side. And Microsoft reps told "maybe it will be fixed in
the next version". It's been five years since then...

Could you find out what are those "small, minor differences"?

D.


 
Reply With Quote
 
Jesse Houwing
Guest
Posts: n/a
 
      02-14-2008
Hello Dmitry,

> "Steven Cheng[MSFT]" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
> MSDN states that:
>
> Client-Side Validation for ASP.NET Server ControlsThere are a few
> minor differences associated with client-side validation: ...
> Client-side regular expressions differ in small details from the
> regular ...
>
> But the specific differences between client-side and server side Regex
> implementation in ASP.NET is nowhere to be found. Now I recall I used
> to have similar problem back in 2003 - the same Regex worked
> differently on client and server side. And Microsoft reps told "maybe
> it will be fixed in the next version". It's been five years since
> then...
>
> Could you find out what are those "small, minor differences"?


Clientside uses the VBScript/JavaScript/ECMAScript implementation of Regex
(same as the Windows Scripting Host).

Serverside uses the .NET implementation of regex (with the ECMAScript compliace
turned on if I'm not mistaking).

For both of these is a separate set of documentation available and I do not
expect these differences to be removed ever/at all, as there are too many
3rd party browsers that have built in support for the same VBScript/JavaScript/ECMAScript
implementation for such a change to work without serious cooperation between
all browser vendors.

I find the following website a handy reference to look up such changes/differences:
http://www.regular-expressions.info/tools.html


--
Jesse Houwing
jesse.houwing at sogeti.nl


 
Reply With Quote
 
Steven Cheng
Guest
Posts: n/a
 
      02-19-2008
Hi Dmitry,

As Jesse has mentioned, the difference is something like the script
component's string regex support and .NET's regex support. The site
provided in his message provide some information on regex support of
different tools/platform.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: "Dmitry Duginov" <(E-Mail Removed)>
>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
>Date: Thu, 14 Feb 2008 10:21:28 -0500


>
>
>"Steven Cheng[MSFT]" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed)...
>
>MSDN states that:
>
>Client-Side Validation for ASP.NET Server ControlsThere are a few minor
>differences associated with client-side validation: ... Client-side

regular
>expressions differ in small details from the regular ...
>
>
>But the specific differences between client-side and server side Regex
>implementation in ASP.NET is nowhere to be found. Now I recall I used to
>have similar problem back in 2003 - the same Regex worked differently on
>client and server side. And Microsoft reps told "maybe it will be fixed in
>the next version". It's been five years since then...
>
>Could you find out what are those "small, minor differences"?
>
>D.
>
>
>


 
Reply With Quote
 
Dmitry Duginov
Guest
Posts: n/a
 
      02-26-2008

"Steven Cheng[MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi Dmitry,
>
> As for the CreateUserWizard and its password regex expression, I've
> performed some search and it seems there hasn't recorded an existing
> issue.
> For the behavior you mentioned, would you also paste me a test regex
> expression and some password patterns? I'd do some tests on my local side
> to confirm the behavior.


Steven, it's been two weeks.

Did you get anything related to this issue???

D.

>
> --------------------
>>From: "Dmitry Duginov" <(E-Mail Removed)>
>>References: <(E-Mail Removed)>

> <(E-Mail Removed)>
>>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
>>Date: Mon, 11 Feb 2008 13:27:28 -0500

>
>>
>>
>>"Alexey Smirnov" <(E-Mail Removed)> wrote in message
>>news:(E-Mail Removed)...
>>On Feb 8, 8:01 pm, "Dmitry Duginov" <(E-Mail Removed)> wrote:
>>> Hi,
>>>
>>> I am trying to enforce the following password strength rules:
>>>
>>> 8 characters minimum
>>> including at least 2 digits
>>> and at least one non-alphanumeric character
>>>
>>> Web.config fragment:
>>>
>>> <membership defaultProvider="XYZMembershipProvider">
>>> <providers>
>>> <add name="XYZMembershipProvider"
>>> connectionStringName="XYZMembershipConnection"
>>> applicationName="XYZ"
>>> passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
>>> enablePasswordReset="false"
>>> requiresUniqueEmail="true"
>>> passwordFormat="Hashed"
>>> type="System.Web.Security.SqlMembershipProvider"/>
>>> </providers>
>>> </membership>
>>>
>>> On provider level it works fine, but when I'm trying to place the same
>>> Regex
>>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
>>> into NewPasswordRegularExpression property of ChangePassword control,
>>> client-side validation fails for valid passwords that pass server-side
>>> validation when NewPasswordRegularExpression is not filled.
>>>
>>> Control markup is below. It looks like javascript-based regex parsing

> does
>>> not work the same way as its client side peer. Any suggestions?
>>>
>>> <asp:ChangePassword ID="ChangePassword1" runat="server"
>>> NewPasswordRegularExpressionErrorMessage="New password must have at
>>> least 8 characters, including two numbers and one special character"
>>> PasswordHintText="Please enter a password at least 8 characters
>>> long, containing two numbers and one special character"
>>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
>>> </asp:ChangePassword>

>>
>>>According to MSDN the pattern should look as follows:

>>
>>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
>>>{1,})'

>>
>>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.change

> password.newpasswordregularexpression.aspx
>>
>>>Hope this helps

>>
>>Of course it it doesn't. I gave it a try. No difference. If you look
>>carefully, this regex additionally forces any password to begin with
>>quotation mark, nothing else. But the validation fails anyway, even if I
>>specify "password!99.
>>
>>Let's hear what Microsoft folks think about this...
>>
>>D.
>>
>>
>>
>>

>



 
Reply With Quote
 
Steven Cheng
Guest
Posts: n/a
 
      02-27-2008
Hi Dmitry,

Sorry for keep you waiting. I've done some further research previouly and
haven't got any useful information so far. I'd like to involve some further
resource to help you on this issue. Would you send me a mail offline
through the following address:

"stcheng"+"@"+"microsoft.com"

I'll request some further information from you so as to allocate further
resource to help you.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: "Dmitry Duginov" <(E-Mail Removed)>
>References: <(E-Mail Removed)>

<(E-Mail Removed)>
<(E-Mail Removed)>
<(E-Mail Removed)>
>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
>Date: Tue, 26 Feb 2008 12:08:10 -0500


>
>
>"Steven Cheng[MSFT]" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed)...
>> Hi Dmitry,
>>
>> As for the CreateUserWizard and its password regex expression, I've
>> performed some search and it seems there hasn't recorded an existing
>> issue.
>> For the behavior you mentioned, would you also paste me a test regex
>> expression and some password patterns? I'd do some tests on my local side
>> to confirm the behavior.

>
>Steven, it's been two weeks.
>
>Did you get anything related to this issue???
>
>D.
>
>>
>> --------------------
>>>From: "Dmitry Duginov" <(E-Mail Removed)>
>>>References: <(E-Mail Removed)>

>> <(E-Mail Removed)>
>>>Subject: Re: NewPasswordRegularExpression bug in ChangePassword control
>>>Date: Mon, 11 Feb 2008 13:27:28 -0500

>>
>>>
>>>
>>>"Alexey Smirnov" <(E-Mail Removed)> wrote in message
>>>news:(E-Mail Removed)...
>>>On Feb 8, 8:01 pm, "Dmitry Duginov" <(E-Mail Removed)> wrote:
>>>> Hi,
>>>>
>>>> I am trying to enforce the following password strength rules:
>>>>
>>>> 8 characters minimum
>>>> including at least 2 digits
>>>> and at least one non-alphanumeric character
>>>>
>>>> Web.config fragment:
>>>>
>>>> <membership defaultProvider="XYZMembershipProvider">
>>>> <providers>
>>>> <add name="XYZMembershipProvider"
>>>> connectionStringName="XYZMembershipConnection"
>>>> applicationName="XYZ"
>>>>

passwordStrengthRegularExpression="(?=.{8,})(?=(.* \d){2,})(?=(.*\W){1,})"
>>>> enablePasswordReset="false"
>>>> requiresUniqueEmail="true"
>>>> passwordFormat="Hashed"
>>>> type="System.Web.Security.SqlMembershipProvider"/>
>>>> </providers>
>>>> </membership>
>>>>
>>>> On provider level it works fine, but when I'm trying to place the same
>>>> Regex
>>>> (?=.{8,})(?=(.*\d){2,})(?=(.*\W){1,})
>>>> into NewPasswordRegularExpression property of ChangePassword control,
>>>> client-side validation fails for valid passwords that pass server-side
>>>> validation when NewPasswordRegularExpression is not filled.
>>>>
>>>> Control markup is below. It looks like javascript-based regex parsing

>> does
>>>> not work the same way as its client side peer. Any suggestions?
>>>>
>>>> <asp:ChangePassword ID="ChangePassword1" runat="server"
>>>> NewPasswordRegularExpressionErrorMessage="New password must have at
>>>> least 8 characters, including two numbers and one special character"
>>>> PasswordHintText="Please enter a password at least 8 characters
>>>> long, containing two numbers and one special character"
>>>> NewPasswordRegularExpression="(?=.{8,})(?=(.*\d){2 ,})(?=(.*\w){1,})">
>>>> </asp:ChangePassword>
>>>
>>>>According to MSDN the pattern should look as follows:
>>>
>>>>NewPasswordRegularExpression = '@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W)
>>>>{1,})'
>>>
>>>>http://msdn2.microsoft.com/en->us/library/system.web.ui.webcontrols.chan

ge
>> password.newpasswordregularexpression.aspx
>>>
>>>>Hope this helps
>>>
>>>Of course it it doesn't. I gave it a try. No difference. If you look
>>>carefully, this regex additionally forces any password to begin with
>>>quotation mark, nothing else. But the validation fails anyway, even if I
>>>specify "password!99.
>>>
>>>Let's hear what Microsoft folks think about this...
>>>
>>>D.
>>>
>>>
>>>
>>>

>>

>
>
>


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
What url should Cancel/Continue be set to in ChangePassword control? Bogdan ASP .Net 0 09-16-2008 09:58 PM
Adding security question/answer check to ASP.NET *ChangePassword* control Ken Fine ASP .Net 2 08-25-2008 01:20 AM
ChangePassword control not showing failure message PJ6 ASP .Net 1 04-13-2008 10:04 AM
changepassword control problems davidr@sharpesoft.com ASP .Net 0 07-17-2006 08:30 PM
Question about ChangePassword control Evgeny ASP .Net 2 01-28-2006 04:55 PM



Advertisments