help.net


Musing on .Net

News





hit counters




Open source CMS

Technorati

My blog

Irish blogs

Locations of visitors to this page Get Chitika eMiniMalls

.Net useful

Blogs I read

PocketPC

SQL

Usability

Changing password policy settings in Membership provider

The default password strength is set to a minimum password length of 7 characters with at least 1 non-alphanumeric character for both SqlMembershipProvider and ActiveDirectoryMembershipProvider.

If you need to configure your membership provider to enforce specific strong password rules, you can use some very handy regular expressions, or you can set specific max and min requirements for numeric, alhpabetic and alphanumeric characters.

Using minimum length and non-alphanumeric character

 <membership ...>
  <providers>
    <add minRequiredPasswordLength=10 minRequiredNonalphanumericCharacters=2 .../>
  </providers>
 </membership>

Using regular expression

 <membership ...>
  <providers>
    <add passwordStrengthRegularExpression=
                    "^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,10}$" .../>
  </providers>
 </membership>

Posted: Dec 05 2005, 03:35 PM by help.net | with no comments
Filed under:

Comments

No Comments