Gets the date and time when the membership user's password was last updated.
Assembly: System.Web.ApplicationServices (in System.Web.ApplicationServices.dll)
Public Overridable ReadOnly Property LastPasswordChangedDate As DateTime Get
public virtual DateTime LastPasswordChangedDate { get; }
public: virtual property DateTime LastPasswordChangedDate { DateTime get (); }
abstract LastPasswordChangedDate : DateTime override LastPasswordChangedDate : DateTime
Property Value
Type: System.DateTimeThe date and time when the membership user's password was last updated.
The SqlMembershipProvider sets the CreationDate, LastLoginDate, LastActivityDate, and LastPasswordChangedDate date to the same date and time when a membership user is created by the CreateUser method.
The following code example shows a login page that indicates a password has expired after a specified number of days. If the LastPasswordChangedDate is earlier than the current date and time minus the number of days specified for the expiration of a password, then the user is directed to change his or her password.
Security Note
|
|---|
|
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview. |
<%@ Page Language="VB" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Dim passwordExpiresDays As Double = 90 Public Sub Login_OnClick(sender As Object, args As EventArgs) Dim u As MembershipUser = Membership.GetUser(UsernameTextbox.Text) If u Is Nothing Then Msg.Text = "Invalid user name. Please check your user name and try again." Return End If If Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text) Then If u.LastPasswordChangedDate.AddDays(passwordExpiresDays) < DateTime.Now Then Msg.Text = "Your password has expired. Please change your password to a new value." UsernameLabel.Text = UsernameTextbox.Text ChangePasswordPanel.Visible = True LoginPanel.Visible = False Else FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked) End If Else Msg.Text = "Invalid password. Please check your password and try again." End If End Sub Public Sub ChangePassword_OnClick(sender As Object, args As EventArgs) ' Update the password. Dim u As MembershipUser = Membership.GetUser(UsernameLabel.Text) If u.ChangePassword(OldPasswordTextbox.Text, NewPasswordTextbox.Text) Then Msg.Text = "Password changed." ChangePasswordPanel.Visible = False LoginPanel.Visible = True Else Msg.Text = "Password change failed. Please re-enter your values and try again." End If End Sub </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Login</title> </head> <body> <form id="form1" runat="server"> <h3>Login</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <asp:Panel id="LoginPanel" runat="Server"> Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br /> Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br /> <asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" /> <asp:CheckBox id="NotPublicCheckBox" runat="server" /> Check here if this is <span style="text-decoration:underline">not</span> a public computer. </asp:Panel> <asp:Panel id="ChangePasswordPanel" runat="Server" Visible="False"> <table cellpadding="3" border="0"> <tr> <td>Username:</td> <td><b><asp:Label id="UsernameLabel" runat="server" /></b></td> <td></td> </tr> <tr> <td>Old Password:</td> <td><asp:Textbox id="OldPasswordTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="OldPasswordRequiredValidator" runat="server" ControlToValidate="OldPasswordTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Password:</td> <td><asp:Textbox id="NewPasswordTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordRequiredValidator" runat="server" ControlToValidate="NewPasswordTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Confirm Password:</td> <td><asp:Textbox id="PasswordConfirmTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordConfirmRequiredValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /> <asp:CompareValidator id="PasswordConfirmCompareValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ControlToCompare="PasswordTextBox" ErrorMessage="Confirm password must match password." /> </td> </tr> <tr> <td></td> <td><asp:Button id="ChangePasswordButton" Text="Change Password" OnClick="ChangePassword_OnClick" runat="server" /></td> </tr> </table> </asp:Panel> </form> <br /> </body> </html>
<%@ Page Language="C#" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> double passwordExpiresDays = 90; public void Login_OnClick(object sender, EventArgs args) { MembershipUser u = Membership.GetUser(UsernameTextbox.Text); if (u == null) { Msg.Text = "Invalid user name. Please check your user name and try again."; return; } if (Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text)) { if (u.LastPasswordChangedDate.AddDays(passwordExpiresDays) < DateTime.Now) { Msg.Text = "Your password has expired. Please change your password to a new value."; UsernameLabel.Text = UsernameTextbox.Text; ChangePasswordPanel.Visible = true; LoginPanel.Visible = false; } else { FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked); } } else { Msg.Text = "Invalid password. Please check your password and try again."; } } public void ChangePassword_OnClick(object sender, EventArgs args) { // Update the password. MembershipUser u = Membership.GetUser(UsernameLabel.Text); if (u.ChangePassword(OldPasswordTextbox.Text, NewPasswordTextbox.Text)) { Msg.Text = "Password changed."; ChangePasswordPanel.Visible = false; LoginPanel.Visible = true; } else { Msg.Text = "Password change failed. Please re-enter your values and try again."; } } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Login</title> </head> <body> <form id="form1" runat="server"> <h3>Login</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <asp:Panel id="LoginPanel" runat="Server"> Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br /> Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br /> <asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" /> <asp:CheckBox id="NotPublicCheckBox" runat="server" /> Check here if this is <span style="text-decoration:underline">not</span> a public computer. </asp:Panel> <asp:Panel id="ChangePasswordPanel" runat="Server" Visible="False"> <table cellpadding="3" border="0"> <tr> <td>Username:</td> <td><b><asp:Label id="UsernameLabel" runat="server" /></b></td> <td></td> </tr> <tr> <td>Old Password:</td> <td><asp:Textbox id="OldPasswordTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="OldPasswordRequiredValidator" runat="server" ControlToValidate="OldPasswordTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Password:</td> <td><asp:Textbox id="NewPasswordTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordRequiredValidator" runat="server" ControlToValidate="NewPasswordTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Confirm Password:</td> <td><asp:Textbox id="PasswordConfirmTextbox" runat="server" TextMode="Password" /></td> <td><asp:RequiredFieldValidator id="PasswordConfirmRequiredValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /> <asp:CompareValidator id="PasswordConfirmCompareValidator" runat="server" ControlToValidate="PasswordConfirmTextbox" ForeColor="red" Display="Static" ControlToCompare="PasswordTextBox" ErrorMessage="Confirm password must match password." /> </td> </tr> <tr> <td></td> <td><asp:Button id="ChangePasswordButton" Text="Change Password" OnClick="ChangePassword_OnClick" runat="server" /></td> </tr> </table> </asp:Panel> </form> <br /> </body> </html>
.NET Framework
Supported in: 4, 3.5, 3.0, 2.0.NET Framework Client Profile
Supported in: 4Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Security Note