Export (0) Print
Expand All
Expand Minimize

ChangePassword.NewPasswordRegularExpression Property

Gets or sets the regular expression that is used to validate the password provided by the user.

Namespace:  System.Web.UI.WebControls
Assembly:  System.Web (in System.Web.dll)

public virtual string NewPasswordRegularExpression { get; set; }
<asp:ChangePassword NewPasswordRegularExpression="String" />

Property Value

Type: System.String
The regular expression string used to validate the new password provided by the user. The default is Empty.

Use the NewPasswordRegularExpression property to define the requirements for passwords that are used to validate user accounts on your Web site. This regular expression is used to enforce password rules on the client side. The NewPasswordRegularExpression is not related to the password enforcement that can be configured at the data store level. The password must meet the minimum requirements set by the membership provider in the MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters, and PasswordStrengthRegularExpression properties. If the password does not meet these requirements, the ChangePasswordError event is raised.

To display requirements to the user, set the PasswordHintText property.

If the password entered does not pass the regular expression contained in the NewPasswordRegularExpression property, the text contained in the NewPasswordRegularExpressionErrorMessage property is displayed to the user.

If the password is rejected by the membership provider, the text contained in the ChangePasswordFailureText property is displayed.

A common use of password standards is to force users to select strong passwords. As a best practice, enforce password rules at the data level in the membership provider. The NewPasswordRegularExpression property allows for the convenience of checking the password on the client side, but does not lock out users who make repeated attempts to log on. To improve security, configure your membership provider to restrict the number of attempts a user may make to log on. For more information, see Securing Membership.

The following code example shows how to set the NewPasswordRegularExpression property to define a regular expression that checks passwords to ensure that they meet the following criteria:

  • Are greater than six characters.

  • Contain at least one digit.

  • Contain at least one special (non-alphanumeric) character.

The password requirements contained in the PasswordHintText property are displayed to the user.

If the password entered by the user does not meet the criteria, the text contained in the NewPasswordRegularExpressionErrorMessage property is displayed to the user. If a new password is not entered, the text contained in the NewPasswordRequiredErrorMessage property is displayed to the user.

NoteNote

The new password must also meet the minimum requirements set by the membership provider in the MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters, and PasswordStrengthRegularExpression properties. If the password does not meet these requirements, the ChangePasswordError event is raised.

<%@ page language="C#"%>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
  <title>Change Password with Validation</title>
</head>
<body>
  <form id="form1" runat="server">
  <div>
  <asp:changepassword id="ChangePassword1" runat="server"
  PasswordHintText = 
    "Please enter a password at least 7 characters long, 
    containing a number and one special character."
  NewPasswordRegularExpression =
    '@\"(?=.{7,})(?=(.*\d){1,})(?=(.*\W){1,})' 
  NewPasswordRegularExpressionErrorMessage =
    "Error: Your password must be at least 7 characters long, 
    and contain at least one number and one special character." >
  </asp:changepassword>
  </div>
  </form>
</body>
</html>

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft