Membership.ValidatingPassword Event

Occurs when a user is created, a password is changed, or a password is reset.

Namespace: System.Web.Security
Assembly: System.Web (in system.web.dll)

public static event MembershipValidatePasswordEventHandler ValidatingPassword
/** @event */
public static void add_ValidatingPassword (MembershipValidatePasswordEventHandler value)

/** @event */
public static void remove_ValidatingPassword (MembershipValidatePasswordEventHandler value)

In JScript, you can handle the events defined by a class, but you cannot define your own.
Not applicable.

The ValidatingPassword event is raised when the CreateUser method, the ChangePassword method, or the ResetPassword method of a membership provider is called.

You can use the ValidatingPassword event to validate password formats and values for membership users.

You can cancel the current CreateUser, ChangePassword, or ResetPassword action by setting the Cancel property of the supplied ValidatePasswordEventArgs to true during the ValidatingPassword event.

If you cancel the current action by setting the Cancel property to true, you can set the FailureInformation property of the supplied ValidatePasswordEventArgs to an exception that describes the reason for the password-validation failure. The calling method will throw the exception that the FailureInformation property is set to. If the FailureInformation property is a null reference (Nothing in Visual Basic), the caller will throw a generic password-validation-failure exception.

The following code example shows a ValidatingPassword event that validates the format of the password for a user and cancels the action if the password does not match the required format.

public void Page_Load()
{
  Membership.ValidatingPassword +=
    new MembershipValidatePasswordEventHandler(OnValidatePassword);
}

public void OnValidatePassword(object sender,
                              ValidatePasswordEventArgs args)
{
  System.Text.RegularExpressions.Regex r =
    new System.Text.RegularExpressions.Regex(@"(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})");


  if (!r.IsMatch(args.Password))
  {
    args.FailureInformation =
      new HttpException("Password must be at least 6 characters long and " +
                        "contain at least one number and one special character.");
    args.Cancel = true;
  }
}

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0

Community Additions

ADD
Show: