EnablePasswordReset Property

Membership.EnablePasswordReset Property

Gets a value indicating whether the current membership provider is configured to allow users to reset their passwords.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public static bool EnablePasswordReset { get; }

Property Value

Type: System.Boolean
true if the membership provider supports password reset; otherwise, false.

Password reset is the ability for ASP.NET membership to replace the current password for a user name with a new, randomly generated password when a user has forgotten their password or the current password is no longer valid. This is especially useful when password format is set to Hashed, as users cannot retrieve hashed password values.

The following code example shows the membership element in the system.web section of the Web.config file for an ASP.NET application. It specifies that the application use an instance of the SqlMembershipProvider and enables password reset.

<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="20">
    <add name="SqlProvider"
      applicationName="MyApplication" />

The following code example first verifies that EnablePasswordReset is true, then resets a user's password and returns the new, automatically generated password.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<script runat="server">

public void Page_Load(object sender, EventArgs args)
  if (!Membership.EnablePasswordReset)

  Msg.Text = "";

  if (!IsPostBack)
    Msg.Text = "Please enter a user name.";

public void VerifyUsername()
    MembershipUser user = Membership.GetUser(UsernameTextBox.Text, false);

    if (user == null)
      Msg.Text = "The user name " + Server.HtmlEncode(UsernameTextBox.Text) + " was not found. Please check the value and reenter your user name.";

      QuestionLabel.Text = "";
      QuestionLabel.Enabled = false;
      AnswerTextBox.Enabled = false;
      ResetPasswordButton.Enabled = false;
      QuestionLabel.Text = user.PasswordQuestion;
      QuestionLabel.Enabled = true;
      AnswerTextBox.Enabled = true;
      ResetPasswordButton.Enabled = true;

public void ResetPassword_OnClick(object sender, EventArgs args)
  string newPassword = "";

    newPassword = Membership.Provider.ResetPassword(UsernameTextBox.Text, AnswerTextBox.Text);
  catch (NotSupportedException e)
    Msg.Text = "An error has occurred resetting your password: " + e.Message + "." +
               "Please check your values and try again.";
  catch (MembershipPasswordException e)
    Msg.Text = "Invalid password answer. Please reenter the answer and try again.";
  catch (System.Configuration.Provider.ProviderException e)
    Msg.Text = "The specified user name does not exist. Please check your value and try again.";

  if (newPassword != "")
    Msg.Text = "Password reset. Your new password is: " + Server.HtmlEncode(newPassword);
    Msg.Text = "Password reset failed. Please reenter your values and try again.";

<html xmlns="http://www.w3.org/1999/xhtml" >
<title>Sample: Reset Password</title>

<form id="form1" runat="server">
  <h3>Reset Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="false" /><br />

  <asp:Button id="ResetPasswordButton" Text="Reset Password" 
              OnClick="ResetPassword_OnClick" runat="server" Enabled="false" />



.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Community Additions

© 2015 Microsoft