ASP.Net 2.0 Password Recovery Control With Email
The Password Recovery control provides the functionality to reset or recovery the old password for the username specified for the password recovery. Password recovery control works in 3 steps to retrieve the password from the database and sends an email at the authenticated email address provided by the user at the time of registration.
The PasswordRecovery control displays 3 different views like a wizard of 3 moves. In the first view it displays a UserName textbox and a submit button. When user inputs a UserName and submits it then Membership provider service verifies the user existence in the database, if user exists then it displays the second view asking the security question to authenticate the user. If authentication by security question and answer succeeds then PasswordRecovery control displays the third view with a message "Your password has been sent to you."
PasswordRecovery control resets the password in the hashed encrypted format and sends to the email address of the user. You can change the following membership settings in the web.config file:
<membership defaultprovider="SqlMembershipProvider" userisonlinetimewindow="15"> <providers> <add connectionStringName="LocalSqlServer" enablePasswordRetrieval="true" enablePasswordReset="false" requiresQuestionAndAnswer="true" applicationName="myApplicationName" requiresUniqueEmail="true" passwordFormat="Clear" name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=126.96.36.199, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership>
If set to false then password recovery control resets the password.
If set to true then recovery control resets the password.
When set to true then PasswordRecovery control displays the second view for security question. If set to false then control skips the security question authentication.
When passwordFormat is set to "hashed" then control resets the password in encrypted format for security purposes. If format is set to "Clear" then control works according the value of enablePasswordReset.
PasswordRecovery control sends the email to the authenticated user only if SMTP host settings have been configured in the web.config file of the web application. Learn the SMTP settings from asp.net 2.0 createuser email confirmation
Create a text file with email body content to send it as password recovery email. Use <%UserName%> and <%Password%> in the body content to send the recovered password.
Continue to next tutorial: ASP.Net 2.0 Login Control to learn how to use the login control.