Password reset, retreive or change.

Topics: Business Logic Layer, Controls
Apr 13, 2011 at 2:04 PM

I am running BlogEngine.NET with SQLRole/Membership provider.  I now have two users who have forgotten their passwords or are locked out.

Can the password be reset or changed or requested via the user interface in this version?

Can it be done in subsequent versions - i.e. if I upgrade will it work?


Apr 15, 2011 at 12:15 PM

BE 2.0 has a password reset option.  The Upgrade instructions are here.

If you upgrade, the password reset option may or may not be turned on by default -- it's a setting in the control panel where you can control whether password resets are allowed.  If you turn it on, then on the Login page, the person can click a "forgot your password" link.  It will ask them to enter their email address tied to their user record.  When they enter the password in, it will send them a new password by email.

The password reset code itself is essentially just one line of code, which can be seen here.  So if you didn't want to upgrade to 2.0 for just this, you could use that line of code to reset the password.  That line of code is Membership.Provider.ResetPassword(.....).  You could quickly test it out by putting the following line of code into "Page_Load" of login.aspx.cs (in version 1.6.1).

Response.Write(Membership.Provider.ResetPassword("USERNAME", string.Empty));

... substitute USERNAME with the username of the user who forgot their password.  This should output the new password generated at the top of the page.  The new password generated will probably be some random characters.

Apr 16, 2011 at 2:56 PM

Looks like this is a good excuse to bite the bullet and upgrade.   Thanks for your help.