SqlMembershipProvider.EnablePasswordRetrieval Property

Definition

Namespace:

System.Web.Security

Assembly:

System.Web.dll

Gets a value indicating whether the SQL Server membership provider is configured to allow users to retrieve their passwords.

public:
 virtual property bool EnablePasswordRetrieval { bool get(); };

public override bool EnablePasswordRetrieval { get; }

member this.EnablePasswordRetrieval : bool

Public Overrides ReadOnly Property EnablePasswordRetrieval As Boolean

Property Value

Boolean

true if the membership provider supports password retrieval; otherwise, false. The default is false.

Examples

The following code example shows the membership element in the system.web section of the Web.config file for an ASP.NET application. It specifies the application's SqlMembershipProvider instance and enables password retrieval.

<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="20">  
  <providers>  
    <add name="SqlProvider"  
      type="System.Web.Security.SqlMembershipProvider"  
      connectionStringName="SqlServices"  
      enablePasswordRetrieval="true"  
      enablePasswordReset="false"  
      requiresQuestionAndAnswer="false"  
      passwordFormat="Encrypted"  
      applicationName="MyApplication" />  
  </providers>  
</membership>  

Remarks

If the PasswordFormat property is set to Hashed, a user will not be able to retrieve their existing password from the database. The Hashed password format provides one-way encoding of password values. Passwords are hashed with a randomly generated salt value and compared to values stored in the database for authentication. Hashed values cannot be unencoded to retrieve the original password value.

If the PasswordFormat property is set to Hashed, and EnablePasswordRetrieval is set to true, a ProviderException is thrown when the provider is initialized.

See also

• Introduction to ASP.NET Membership