Gets the duplicate password entered by the user.
Assembly: System.Web (in System.Web.dll)
The property contains the duplicate new password entered by the user.
You can use the NewPasswordRegularExpression property to define the requirements for the new password. This regular expression is used to enforce password rules on the client side.
The NewPasswordRegularExpression is not related to the password enforcement that can be configured at the data store level and enforced on the server side. The password must meet the minimum requirements set by the membership provider in the MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters, and PasswordStrengthRegularExpression properties. If the password does not meet these requirements, the ChangePasswordError event is raised.
Transmitting passwords over HTTP is a potential security threat. HTTP transmissions can be viewed or compromised by malicious users. To improve security when using login controls, you should use the HTTPS protocol with secure sockets layer (SSL) encryption to ensure that the user's password cannot be read during postback. For more information, see Securing Login Controls.