堆栈内存溢出
  简体   繁体   English

asp.net成员身份:哈希密码时如何检查密码答案是否正确

[英]asp.net membership: how to check if password answer is correct when password hashed

 原文  2014-06-21 11:02:54       asp.net/ asp.net-membership/ reset-password

问题描述

I want to reset user's password only if question and answer that user provided is true.I use resetpassword method with passwordanswer parameter. 我只想在用户提供的问题和答案为真时重置用户密码。我将resetpassword方法与passwordanswer参数一起使用。 but still password reset always however password answer isn't corrct. 但是仍然总是会重设密码,但是密码答案却不正确。 :( :(

how can I reset only if user provided correct question and answer? 仅当用户提供正确的问题和答案时,如何才能重置? here is my code: 这是我的代码: 

try
    {
        MembershipUser user = Membership.GetUser(Membership.GetUserNameByEmail(txtEmail.Text));

        if (user != null)
        {
            if (user.PasswordQuestion == ddlSecurityQuestion.SelectedIndex.ToString())
            {

                user.ChangePassword(user.ResetPassword(txtSecurityQuestionAnswer.Text), txtNewPassword.Text);
                lblError.Text = Resources.Titles.DearUser + user.UserName + Resources.Messages.PasswordRecoveryDone;
            }
            else
            {
                lblError.Text = Resources.Messages.QuestionAnswerIsInvalid;
                return;
            }
        }
        else
        {
            lblError.Text = Resources.Messages.EmailIsInvalid;
            return;
        }
    }
    catch
    {
        lblError.Text = Resources.Messages.QuestionAnswerIsInvalid;

        throw;
    }

but always reset. 但总是重置。 I don't know how to check password answer when my password hashed and I can't get password. 当我的密码被散列并且无法获取密码时,我不知道如何检查密码答案。

1 个解决方案

解决方案1
 0 已采纳  2014-06-21 11:24:50

I found What's wrong with my reset method. 我发现我的重置方法出了什么问题。 I set requiresQuestionAndAnswer to false in web.config. 我在web.config中将requireQuestionAndAnswer设置为false。 when this option set to false, reset method using PasswordAnswer working however Supplied answer was wrong. 当此选项设置为false时,使用PasswordAnswer重置方法有效,但是提供的答案错误。 When I change requiresQuestionAndAnswer to true, with wrong answer this method throw an exception. 当我将requireQuestionAndAnswer更改为true时,如果答案错误,则此方法将引发异常。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何手动创建asp.net成员资格提供程序的哈希密码? - How to create a asp.net membership provider hashed password manually? 如何检查密码是否有效? ASP.NET MVC成员资格 - How to check if password is valid? ASP.NET MVC Membership 如果您不知道当前密码,如何使用asp.net成员资格提供程序更改散列密码? - How do you change a hashed password using asp.net membership provider if you don't know the current password? 使用ASP.NET成员资格提供程序(哈希格式),我无法重置密码 - Using the ASP.NET membership provider (hashed password format) I am unable to reset password Asp.net会员密码 - Asp.net Membership password 如何不使用ASP.Net成员资格安全性问题和答案进行自定义密码恢复? - How to not use ASP.Net Membership Security Question and Answer for custom password recovery? ASP.Net成员资格即使设置了Hashed passwordFormat,也将更改的密码保存为纯文本 - ASP.Net Membership saves changed password as plain text even with Hashed passwordFormat set 在asp.net中使用哈希密码创建登录名 - Create login with hashed password in asp.net 如何在模仿ASP.NET时使用散列密码 - how to use hashed password in impersonate of ASP.NET IsApproved为false时,验证ASP.NET成员身份用户名和密码 - Validate ASP.NET membership Username and Password when IsApproved is false
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM