Membership.GeneratePassword Method
Assembly: System.Web (in system.web.dll)
'Declaration Public Shared Function GeneratePassword ( _ length As Integer, _ numberOfNonAlphanumericCharacters As Integer _ ) As String 'Usage Dim length As Integer Dim numberOfNonAlphanumericCharacters As Integer Dim returnValue As String returnValue = Membership.GeneratePassword(length, numberOfNonAlphanumericCharacters)
public static String GeneratePassword ( int length, int numberOfNonAlphanumericCharacters )
public static function GeneratePassword ( length : int, numberOfNonAlphanumericCharacters : int ) : String
Not applicable.
Parameters
- length
The number of characters in the generated password. The length must be between 1 and 128 characters.
- numberOfNonAlphanumericCharacters
The minimum number of punctuation characters in the generated password.
Return Value
A random password of the specified length.The GeneratePassword method is used to generate a random password and is most commonly used by the ResetPassword method implemented by a membership provider to reset the password for a user to a new, temporary password.
The generated password only contains alphanumeric characters and the following punctuation marks: !@#$%^&*()_-+=[{]};:<>|./?. No hidden or non-printable control characters are included in the generated password.
Note: |
|---|
|
The random password created by the GeneratePassword method is not guaranteed to pass the regular expression in the PasswordStrengthRegularExpression property. However, the random password will meet the criteria established by the MinRequiredPasswordLength property and the numberOfNonAlphanumericCharacters parameter. |
The following code example creates a new membership user and uses the GeneratePassword method to initialize the password for the new user to a random value, which is displayed to the user.
Security Note: |
|---|
|
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview (Visual Studio). |
<%@ Page Language="VB" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Public Sub CreateUser_OnClick(sender As Object, args As EventArgs) ' Create a new 12-character password with 1 non-alphanumeric character. Dim password As String = Membership.GeneratePassword(12, 1) Try ' Create new user. Dim newUser As MembershipUser = Membership.CreateUser(UsernameTextbox.Text, password, _ EmailTextbox.Text) Msg.Text = "User <b>" & Server.HtmlEncode(UsernameTextbox.Text) & "</b> created. " & _ "Your temporary password is " & password & "." Catch e As MembershipCreateUserException Msg.Text = GetErrorMessage(e.StatusCode) Catch e As HttpException Msg.Text = e.Message End Try End Sub Public Function GetErrorMessage(status As MembershipCreateStatus) As String Select Case status Case MembershipCreateStatus.DuplicateUserName Return "Username already exists. Please enter a different user name." Case MembershipCreateStatus.DuplicateEmail Return "A username for that e-mail address already exists. Please enter a different e-mail address." Case MembershipCreateStatus.InvalidPassword Return "The password provided is invalid. Please enter a valid password value." Case MembershipCreateStatus.InvalidEmail Return "The e-mail address provided is invalid. Please check the value and try again." Case MembershipCreateStatus.InvalidAnswer Return "The password retrieval answer provided is invalid. Please check the value and try again." Case MembershipCreateStatus.InvalidQuestion Return "The password retrieval question provided is invalid. Please check the value and try again." Case MembershipCreateStatus.ProviderError Return "The authentication provider Returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator." Case MembershipCreateStatus.UserRejected Return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator." Case Else Return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator." End Select End Function </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Create User</title> </head> <body> <form id="form1" runat="server"> <h3>Create New User</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <table cellpadding="3" border="0"> <tr> <td>Username:</td> <td><asp:Textbox id="UsernameTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server" ControlToValidate="UserNameTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td>Email Address:</td> <td><asp:Textbox id="EmailTextbox" runat="server" /></td> <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server" ControlToValidate="EmailTextbox" ForeColor="red" Display="Static" ErrorMessage="Required" /></td> </tr> <tr> <td></td> <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td> </tr> </table> </form> </body> </html>
Note: