The first thing you start with, when building an ASP.NET application, is properly to use the ASP.NET login controls. They are really easy to use, and save you a bundle of time.
Unfortunately the password by default always has to be to complex. At least 7 charecters, at least 1 non alphanumeric character, etc. etc..
I guess that is good in some situation, but when building a test site, or just a site for friends and family, this is a little over the top.
The reason why it is like this, is because of the membership provider. It gets its settings from the Machine.config. This can luckily be overridden in the web.config like this:
< membership>
<providers>
<remove name=“AspNetSqlMembershipProvider“ />
<add name=“AspNetSqlMembershipProvider”
type=“System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a”
connectionStringName=“LocalSqlServer”
enablePasswordRetrieval=“false”
enablePasswordReset=“true”
requiresQuestionAndAnswer=“true”
applicationName=“/”
requiresUniqueEmail=“false”
minRequiredPasswordLength=“1”
minRequiredNonalphanumericCharacters=“0”
passwordFormat=“Hashed”
maxInvalidPasswordAttempts=“5”
passwordAttemptWindow=“10”
passwordStrengthRegularExpression=“” />
</providers>
</membership>
Leave a Reply