Membership.GetUser Method (String, Boolean)


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Gets the information from the data source for the specified membership user. Updates the last-activity date/time stamp for the user, if specified.

Namespace:   System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public static MembershipUser GetUser(
	string username,
	bool userIsOnline


Type: System.String

The name of the user to retrieve.

Type: System.Boolean

If true, updates the last-activity date/time stamp for the specified user.

Return Value

Type: System.Web.Security.MembershipUser

A MembershipUser object representing the specified user. If the username parameter does not correspond to an existing user, this method returns null.

Exception Condition

username contains a comma (,).


username is null.

The GetUser method retrieves the user information from the data source and creates a MembershipUser object populated with the returned data.

If you use one of the GetUser overloads that does not take a username parameter, GetUser returns the information for the current logged-on membership user. The current logged-on membership user is identified by the Name of the user in the current HttpContext.

You can also specify whether you want GetUser to update the last-activity date/time stamp for the user being retrieved with the userIsOnline parameter. Of the GetUser overloads that do not take a userIsOnline parameter, Membership.GetUser implicitly updates the last-activity date/time stamp for the user. Membership.GetUser and GetUser do not.

The following code example retrieves the password for a specified user name and sends it to the e-mail address for the specified user. The call to GetUser specifies that the last-activity date/time stamp for the user not be updated.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Net.Mail" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<script runat="server">

public void Page_Load(object sender, EventArgs args)
  if (!Membership.EnablePasswordRetrieval)

  Msg.Text = "";

  if (!IsPostBack)
    Msg.Text = "Please enter a user name.";

public void VerifyUsername()
    MembershipUser user = Membership.GetUser(UsernameTextBox.Text, false);

    if (user == null)
      Msg.Text = "The user name " + Server.HtmlEncode(UsernameTextBox.Text) + " was not found. Please check the value and re-enter.";

      QuestionLabel.Text = "";
      QuestionLabel.Enabled = false;
      AnswerTextBox.Enabled = false;
      EmailPasswordButton.Enabled = false;
      QuestionLabel.Text = user.PasswordQuestion;
      QuestionLabel.Enabled = true;
      AnswerTextBox.Enabled = true;
      EmailPasswordButton.Enabled = true;

public void EmailPassword_OnClick(object sender, EventArgs args)
  // Note: Returning a password in clear text using e-mail is not recommended for
  // sites that require a high level of security.

    string password = Membership.Provider.GetPassword(UsernameTextBox.Text, AnswerTextBox.Text);
    MembershipUser u = Membership.GetUser(UsernameTextBox.Text);
    EmailPassword(u.Email, password);
    Msg.Text = "Your password was sent via e-mail.";
  catch (MembershipPasswordException e)
    Msg.Text = "The password answer is incorrect. Please check the value and try again.";
  catch (System.Configuration.Provider.ProviderException e)
    Msg.Text = "An error occurred retrieving your password. Please check your values " +
               "and try again.";

private void EmailPassword(string email, string password)
    MailMessage Message = new MailMessage("administrator", email);
    Message.Subject = "Your Password";
    Message.Body = "Your password is: " + Server.HtmlEncode(password);

    SmtpClient SmtpMail = new SmtpClient("SMTPSERVER");
    Msg.Text = "An exception occurred while sending your password. Please try again.";

<html xmlns="" >
<title>Sample: Retrieve Password</title>

<form id="form1" runat="server">
  <h3>Retrieve Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="false" /><br />

  <asp:Button id="EmailPasswordButton" Text="Email My Password" 
              OnClick="EmailPassword_OnClick" runat="server" Enabled="false" />



.NET Framework
Available since 2.0
Return to top