This documentation is archived and is not being maintained.

Membership.GetUser Method (String, Boolean)

Gets the information from the data source for the specified membership user. Updates the last-activity date/time stamp for the user, if specified.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public static MembershipUser GetUser(
	string username,
	bool userIsOnline


Type: System.String
The name of the user to retrieve.
Type: System.Boolean
If true, updates the last-activity date/time stamp for the specified user.

Return Value

Type: System.Web.Security.MembershipUser
A MembershipUser object representing the specified user. If the username parameter does not correspond to an existing user, this method returns null.


username contains a comma (,).


username is null.

The GetUser method retrieves the user information from the data source and creates a MembershipUser object populated with the returned data.

If you use one of the GetUser overloads that does not take a username parameter, GetUser returns the information for the current logged-on membership user. The current logged-on membership user is identified by the Name of the user in the current HttpContext.

You can also specify whether you want GetUser to update the last-activity date/time stamp for the user being retrieved with the userIsOnline parameter. Of the GetUser overloads that do not take a userIsOnline parameter, Membership.GetUser implicitly updates the last-activity date/time stamp for the user. Membership.GetUser and GetUser do not.

The following code example retrieves the password for a specified user name and sends it to the e-mail address for the specified user. The call to GetUser specifies that the last-activity date/time stamp for the user not be updated.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Net.Mail" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<script runat="server">

public void Page_Load(object sender, EventArgs args)
  if (!Membership.EnablePasswordRetrieval)

  Msg.Text = "";

  if (!IsPostBack)
    Msg.Text = "Please enter a user name.";

public void VerifyUsername()
    MembershipUser user = Membership.GetUser(UsernameTextBox.Text, false);

    if (user == null)
      Msg.Text = "The user name " + Server.HtmlEncode(UsernameTextBox.Text) + " was not found. Please check the value and re-enter.";

      QuestionLabel.Text = "";
      QuestionLabel.Enabled = false;
      AnswerTextBox.Enabled = false;
      EmailPasswordButton.Enabled = false;
      QuestionLabel.Text = user.PasswordQuestion;
      QuestionLabel.Enabled = true;
      AnswerTextBox.Enabled = true;
      EmailPasswordButton.Enabled = true;

public void EmailPassword_OnClick(object sender, EventArgs args)
  // Note: Returning a password in clear text using e-mail is not recommended for
  // sites that require a high level of security.

    string password = Membership.Provider.GetPassword(UsernameTextBox.Text, AnswerTextBox.Text);
    MembershipUser u = Membership.GetUser(UsernameTextBox.Text);
    EmailPassword(u.Email, password);
    Msg.Text = "Your password was sent via e-mail.";
  catch (MembershipPasswordException e)
    Msg.Text = "The password answer is incorrect. Please check the value and try again.";
  catch (System.Configuration.Provider.ProviderException e)
    Msg.Text = "An error occurred retrieving your password. Please check your values " +
               "and try again.";

private void EmailPassword(string email, string password)
    MailMessage Message = new MailMessage("administrator", email);
    Message.Subject = "Your Password";
    Message.Body = "Your password is: " + Server.HtmlEncode(password);

    SmtpClient SmtpMail = new SmtpClient("SMTPSERVER");
    Msg.Text = "An exception occurred while sending your password. Please try again.";

<html xmlns="" >
<title>Sample: Retrieve Password</title>

<form id="form1" runat="server">
  <h3>Retrieve Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="false" /><br />

  <asp:Button id="EmailPasswordButton" Text="Email My Password" 
              OnClick="EmailPassword_OnClick" runat="server" Enabled="false" />



.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.