Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > How to Change MinRequiredNonAlphanumericCharacters in AspNetSqlPro

Reply
Thread Tools

How to Change MinRequiredNonAlphanumericCharacters in AspNetSqlPro

 
 
EagleRed@HighFlyingBirds.com
Guest
Posts: n/a
 
      01-05-2006
I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL 2005. I have
installed the aspnetdb and I am trying to setup a Logon page with a test
user. When I tried to create the test user in the WAT I found that the
password was not accepted because it did not contain a non-alphanumeric
character. My users will resist using extremely strong passwords. Many will
not understand the concept. Therefore, I need to set this to zero. How can
I do this?

I have a reference that points me to the application web.config file but
this seems to apply to a custom membership provider. I do not need to a
custom provider. I only want to avoid requiring non-alphanumeric characters
in passwords. Later, I may want to setup my own regular expression as well.

Thanks for any guidance on this.
 
Reply With Quote
 
 
 
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      01-05-2006
Hi,

look at the <membership> element in machine.config - you can configure that
there machine wide - otherwise copy the config element to your local web.config.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL 2005.
> I have installed the aspnetdb and I am trying to setup a Logon page
> with a test user. When I tried to create the test user in the WAT I
> found that the password was not accepted because it did not contain a
> non-alphanumeric character. My users will resist using extremely
> strong passwords. Many will not understand the concept. Therefore, I
> need to set this to zero. How can I do this?
>
> I have a reference that points me to the application web.config file
> but this seems to apply to a custom membership provider. I do not
> need to a custom provider. I only want to avoid requiring
> non-alphanumeric characters in passwords. Later, I may want to setup
> my own regular expression as well.
>
> Thanks for any guidance on this.
>



 
Reply With Quote
 
 
 
 
EagleRed@HighFlyingBirds.com
Guest
Posts: n/a
 
      01-06-2006
I assume that copying this element to the application web.config and
modifying attributes will safely override for the app. only. The app is
being deployed to a shared server, so I cannot do anything to the
machine.config.

"Dominick Baier [DevelopMentor]" wrote:

> Hi,
>
> look at the <membership> element in machine.config - you can configure that
> there machine wide - otherwise copy the config element to your local web.config.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL 2005.
> > I have installed the aspnetdb and I am trying to setup a Logon page
> > with a test user. When I tried to create the test user in the WAT I
> > found that the password was not accepted because it did not contain a
> > non-alphanumeric character. My users will resist using extremely
> > strong passwords. Many will not understand the concept. Therefore, I
> > need to set this to zero. How can I do this?
> >
> > I have a reference that points me to the application web.config file
> > but this seems to apply to a custom membership provider. I do not
> > need to a custom provider. I only want to avoid requiring
> > non-alphanumeric characters in passwords. Later, I may want to setup
> > my own regular expression as well.
> >
> > Thanks for any guidance on this.
> >

>
>
>

 
Reply With Quote
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      01-06-2006
Hi,

just give the provider a new name or add a <clear /> element to the <providers>
section - otherwise you'll have a naming conflict.
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I assume that copying this element to the application web.config and
> modifying attributes will safely override for the app. only. The app
> is being deployed to a shared server, so I cannot do anything to the
> machine.config.
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> Hi,
>>
>> look at the <membership> element in machine.config - you can
>> configure that there machine wide - otherwise copy the config element
>> to your local web.config.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
>>> 2005. I have installed the aspnetdb and I am trying to setup a Logon
>>> page with a test user. When I tried to create the test user in the
>>> WAT I found that the password was not accepted because it did not
>>> contain a non-alphanumeric character. My users will resist using
>>> extremely strong passwords. Many will not understand the concept.
>>> Therefore, I need to set this to zero. How can I do this?
>>>
>>> I have a reference that points me to the application web.config file
>>> but this seems to apply to a custom membership provider. I do not
>>> need to a custom provider. I only want to avoid requiring
>>> non-alphanumeric characters in passwords. Later, I may want to
>>> setup my own regular expression as well.
>>>
>>> Thanks for any guidance on this.
>>>



 
Reply With Quote
 
EagleRed@HighFlyingBirds.com
Guest
Posts: n/a
 
      01-06-2006
Basically, this requires a custom provider. By copying from the
machine.config I am saving some time/effort in doing so.

"Dominick Baier [DevelopMentor]" wrote:

> Hi,
>
> just give the provider a new name or add a <clear /> element to the <providers>
> section - otherwise you'll have a naming conflict.
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I assume that copying this element to the application web.config and
> > modifying attributes will safely override for the app. only. The app
> > is being deployed to a shared server, so I cannot do anything to the
> > machine.config.
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> Hi,
> >>
> >> look at the <membership> element in machine.config - you can
> >> configure that there machine wide - otherwise copy the config element
> >> to your local web.config.
> >>
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
> >>> 2005. I have installed the aspnetdb and I am trying to setup a Logon
> >>> page with a test user. When I tried to create the test user in the
> >>> WAT I found that the password was not accepted because it did not
> >>> contain a non-alphanumeric character. My users will resist using
> >>> extremely strong passwords. Many will not understand the concept.
> >>> Therefore, I need to set this to zero. How can I do this?
> >>>
> >>> I have a reference that points me to the application web.config file
> >>> but this seems to apply to a custom membership provider. I do not
> >>> need to a custom provider. I only want to avoid requiring
> >>> non-alphanumeric characters in passwords. Later, I may want to
> >>> setup my own regular expression as well.
> >>>
> >>> Thanks for any guidance on this.
> >>>

>
>
>

 
Reply With Quote
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      01-07-2006
hi,

this does NOT require a custom provider - just configure the existing one
appropriately.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Basically, this requires a custom provider. By copying from the
> machine.config I am saving some time/effort in doing so.
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> Hi,
>>
>> just give the provider a new name or add a <clear /> element to the
>> <providers>
>> section - otherwise you'll have a naming conflict.
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I assume that copying this element to the application web.config and
>>> modifying attributes will safely override for the app. only. The
>>> app is being deployed to a shared server, so I cannot do anything to
>>> the machine.config.
>>>
>>> "Dominick Baier [DevelopMentor]" wrote:
>>>
>>>> Hi,
>>>>
>>>> look at the <membership> element in machine.config - you can
>>>> configure that there machine wide - otherwise copy the config
>>>> element to your local web.config.
>>>>
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
>>>>> 2005. I have installed the aspnetdb and I am trying to setup a
>>>>> Logon page with a test user. When I tried to create the test user
>>>>> in the WAT I found that the password was not accepted because it
>>>>> did not contain a non-alphanumeric character. My users will
>>>>> resist using extremely strong passwords. Many will not understand
>>>>> the concept. Therefore, I need to set this to zero. How can I do
>>>>> this?
>>>>>
>>>>> I have a reference that points me to the application web.config
>>>>> file but this seems to apply to a custom membership provider. I
>>>>> do not need to a custom provider. I only want to avoid requiring
>>>>> non-alphanumeric characters in passwords. Later, I may want to
>>>>> setup my own regular expression as well.
>>>>>
>>>>> Thanks for any guidance on this.
>>>>>



 
Reply With Quote
 
EagleRed@HighFlyingBirds.com
Guest
Posts: n/a
 
      01-07-2006
I am a little confused. I wil be deploying the site to a hosted/shared web
server. I will not be able to make changes to the machine.config for obvious
reasons. If I modify the existing provider in my app, do the changes apply
only to my app? Honestly, this is an area where I have very little experience.

"Dominick Baier [DevelopMentor]" wrote:

> hi,
>
> this does NOT require a custom provider - just configure the existing one
> appropriately.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > Basically, this requires a custom provider. By copying from the
> > machine.config I am saving some time/effort in doing so.
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> Hi,
> >>
> >> just give the provider a new name or add a <clear /> element to the
> >> <providers>
> >> section - otherwise you'll have a naming conflict.
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> I assume that copying this element to the application web.config and
> >>> modifying attributes will safely override for the app. only. The
> >>> app is being deployed to a shared server, so I cannot do anything to
> >>> the machine.config.
> >>>
> >>> "Dominick Baier [DevelopMentor]" wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> look at the <membership> element in machine.config - you can
> >>>> configure that there machine wide - otherwise copy the config
> >>>> element to your local web.config.
> >>>>
> >>>> ---------------------------------------
> >>>> Dominick Baier - DevelopMentor
> >>>> http://www.leastprivilege.com
> >>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
> >>>>> 2005. I have installed the aspnetdb and I am trying to setup a
> >>>>> Logon page with a test user. When I tried to create the test user
> >>>>> in the WAT I found that the password was not accepted because it
> >>>>> did not contain a non-alphanumeric character. My users will
> >>>>> resist using extremely strong passwords. Many will not understand
> >>>>> the concept. Therefore, I need to set this to zero. How can I do
> >>>>> this?
> >>>>>
> >>>>> I have a reference that points me to the application web.config
> >>>>> file but this seems to apply to a custom membership provider. I
> >>>>> do not need to a custom provider. I only want to avoid requiring
> >>>>> non-alphanumeric characters in passwords. Later, I may want to
> >>>>> setup my own regular expression as well.
> >>>>>
> >>>>> Thanks for any guidance on this.
> >>>>>

>
>
>

 
Reply With Quote
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      01-07-2006
hi,

yep - if you configure the provider in you local web.config - this will only
apply to your app.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I am a little confused. I wil be deploying the site to a
> hosted/shared web server. I will not be able to make changes to the
> machine.config for obvious reasons. If I modify the existing provider
> in my app, do the changes apply only to my app? Honestly, this is an
> area where I have very little experience.
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> hi,
>>
>> this does NOT require a custom provider - just configure the existing
>> one appropriately.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> Basically, this requires a custom provider. By copying from the
>>> machine.config I am saving some time/effort in doing so.
>>>
>>> "Dominick Baier [DevelopMentor]" wrote:
>>>
>>>> Hi,
>>>>
>>>> just give the provider a new name or add a <clear /> element to the
>>>> <providers>
>>>> section - otherwise you'll have a naming conflict.
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> I assume that copying this element to the application web.config
>>>>> and modifying attributes will safely override for the app. only.
>>>>> The app is being deployed to a shared server, so I cannot do
>>>>> anything to the machine.config.
>>>>>
>>>>> "Dominick Baier [DevelopMentor]" wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> look at the <membership> element in machine.config - you can
>>>>>> configure that there machine wide - otherwise copy the config
>>>>>> element to your local web.config.
>>>>>>
>>>>>> ---------------------------------------
>>>>>> Dominick Baier - DevelopMentor
>>>>>> http://www.leastprivilege.com
>>>>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
>>>>>>> 2005. I have installed the aspnetdb and I am trying to setup a
>>>>>>> Logon page with a test user. When I tried to create the test
>>>>>>> user in the WAT I found that the password was not accepted
>>>>>>> because it did not contain a non-alphanumeric character. My
>>>>>>> users will resist using extremely strong passwords. Many will
>>>>>>> not understand the concept. Therefore, I need to set this to
>>>>>>> zero. How can I do this?
>>>>>>>
>>>>>>> I have a reference that points me to the application web.config
>>>>>>> file but this seems to apply to a custom membership provider. I
>>>>>>> do not need to a custom provider. I only want to avoid
>>>>>>> requiring non-alphanumeric characters in passwords. Later, I
>>>>>>> may want to setup my own regular expression as well.
>>>>>>>
>>>>>>> Thanks for any guidance on this.
>>>>>>>



 
Reply With Quote
 
EagleRed@HighFlyingBirds.com
Guest
Posts: n/a
 
      01-08-2006
Thanks. I'll see how it goes.

"Dominick Baier [DevelopMentor]" wrote:

> hi,
>
> yep - if you configure the provider in you local web.config - this will only
> apply to your app.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I am a little confused. I wil be deploying the site to a
> > hosted/shared web server. I will not be able to make changes to the
> > machine.config for obvious reasons. If I modify the existing provider
> > in my app, do the changes apply only to my app? Honestly, this is an
> > area where I have very little experience.
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> hi,
> >>
> >> this does NOT require a custom provider - just configure the existing
> >> one appropriately.
> >>
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> Basically, this requires a custom provider. By copying from the
> >>> machine.config I am saving some time/effort in doing so.
> >>>
> >>> "Dominick Baier [DevelopMentor]" wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> just give the provider a new name or add a <clear /> element to the
> >>>> <providers>
> >>>> section - otherwise you'll have a naming conflict.
> >>>> ---------------------------------------
> >>>> Dominick Baier - DevelopMentor
> >>>> http://www.leastprivilege.com
> >>>>> I assume that copying this element to the application web.config
> >>>>> and modifying attributes will safely override for the app. only.
> >>>>> The app is being deployed to a shared server, so I cannot do
> >>>>> anything to the machine.config.
> >>>>>
> >>>>> "Dominick Baier [DevelopMentor]" wrote:
> >>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>> look at the <membership> element in machine.config - you can
> >>>>>> configure that there machine wide - otherwise copy the config
> >>>>>> element to your local web.config.
> >>>>>>
> >>>>>> ---------------------------------------
> >>>>>> Dominick Baier - DevelopMentor
> >>>>>> http://www.leastprivilege.com
> >>>>>>> I have just started with ASP.NET 2.0 using VS.NET 2005 with SQL
> >>>>>>> 2005. I have installed the aspnetdb and I am trying to setup a
> >>>>>>> Logon page with a test user. When I tried to create the test
> >>>>>>> user in the WAT I found that the password was not accepted
> >>>>>>> because it did not contain a non-alphanumeric character. My
> >>>>>>> users will resist using extremely strong passwords. Many will
> >>>>>>> not understand the concept. Therefore, I need to set this to
> >>>>>>> zero. How can I do this?
> >>>>>>>
> >>>>>>> I have a reference that points me to the application web.config
> >>>>>>> file but this seems to apply to a custom membership provider. I
> >>>>>>> do not need to a custom provider. I only want to avoid
> >>>>>>> requiring non-alphanumeric characters in passwords. Later, I
> >>>>>>> may want to setup my own regular expression as well.
> >>>>>>>
> >>>>>>> Thanks for any guidance on this.
> >>>>>>>

>
>
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
minRequiredNonalphanumericCharacters problem Jeff ASP .Net 1 04-02-2007 04:50 PM
Change the master GridView after detail change? Q. John Chen ASP .Net 0 11-15-2006 05:30 PM
A Paradise DNS address change? What change? There was no change. Tony Neville NZ Computing 7 09-22-2006 01:02 PM
How to Set minRequiredNonalphanumericCharacters="0"? EagleRed@HighFlyingBirds.com ASP .Net Security 3 02-01-2006 05:01 PM



Advertisments