Problem solve Get help with specific problems with your technologies, process and projects.

Creating password recovery mechanisms in ASP.NET

Password recovery systems are easy to build in ASP.NET 2.0. Expert Dan Cornell explains how to create a question-and-answer authentication mechanism using .NET membership controls.

I would like to know whether I can build challenge/response-based password recovery mechanism using the ASP.NET 2.0 version. Is there a factory of stubs which we need to implement or are there standard implementations provided?

Fortunately, the ASP.NET Membership controls have this implemented out of the box. The CreateUserWizard control...

allows you to collect a password recovery question and answer from new users and the PasswordRecovery control allows you to display the question, verify the answer and email out the response.

Both of these controls rely on a membership provider. This means you can either use the providers available from ASP.NET 2.0, such as the SQL Server provider, or you can easily implement your own if you want to store your user information in an Oracle database or other data store that is not supported out of the box. For more information about the ASP.NET 2.0 membership provider, check out this article.

More information:

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.