Ali Sarshogh Ali Sarshogh - 1 month ago 9x
ASP.NET (C#) Question

Password Policy in ASP.NET Profile (Membership)

In change password page, we have this code, So if we want to change Password Policy into "StrongPolicy", have we a way or is it by default?

Also can we change it to weak policy ?

I read MSDN but couldn't find it.

Membership mu ;

var newPass= mu.ResetPassword();


By default the memebership provider in .net restricts you to have password of length 7(atleast) and of which one character must be alpha-numeric.

Although there many ways by which you can change that. You can check Changing password policy setting in membership provider.

Using minimum length and non-alphanumeric character

<membership ...>
    <add minRequiredPasswordLength=10 minRequiredNonalphanumericCharacters=2 .../>

Using regular expression

<membership ...>
    <add passwordStrengthRegularExpression= 
                    "^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,10}$" .../>

The above code is from the same site.