MembershipUser.LastPasswordChangedDate Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets the date and time when the membership user's password was last updated.
public:
virtual property DateTime LastPasswordChangedDate { DateTime get(); };public virtual DateTime LastPasswordChangedDate { get; }member this.LastPasswordChangedDate : DateTimePublic Overridable ReadOnly Property LastPasswordChangedDate As DateTimeProperty Value
The date and time when the membership user's password was last updated.
Examples
The following code example shows a login page that indicates a password has expired after a specified number of days. If the LastPasswordChangedDate is earlier than the current date and time minus the number of days specified for the expiration of a password, then the user is directed to change their password.
Important
This example contains a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
double passwordExpiresDays = 90;
public void Login_OnClick(object sender, EventArgs args)
{
MembershipUser u = Membership.GetUser(UsernameTextbox.Text);
if (u == null)
{
Msg.Text = "Invalid user name. Please check your user name and try again.";
return;
}
if (Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text))
{
if (u.LastPasswordChangedDate.AddDays(passwordExpiresDays) < DateTime.Now)
{
Msg.Text = "Your password has expired. Please change your password to a new value.";
UsernameLabel.Text = UsernameTextbox.Text;
ChangePasswordPanel.Visible = true;
LoginPanel.Visible = false;
}
else
{
FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked);
}
}
else
{
Msg.Text = "Invalid password. Please check your password and try again.";
}
}
public void ChangePassword_OnClick(object sender, EventArgs args)
{
// Update the password.
MembershipUser u = Membership.GetUser(UsernameLabel.Text);
if (u.ChangePassword(OldPasswordTextbox.Text, NewPasswordTextbox.Text))
{
Msg.Text = "Password changed.";
ChangePasswordPanel.Visible = false;
LoginPanel.Visible = true;
}
else
{
Msg.Text = "Password change failed. Please re-enter your values and try again.";
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Login</title>
</head>
<body>
<form id="form1" runat="server">
<h3>Login</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<asp:Panel id="LoginPanel" runat="Server">
Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br />
Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br />
<asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" />
<asp:CheckBox id="NotPublicCheckBox" runat="server" /> Check here if this is <span style="text-decoration:underline">not</span> a public computer.
</asp:Panel>
<asp:Panel id="ChangePasswordPanel" runat="Server" Visible="False">
<table cellpadding="3" border="0">
<tr>
<td>Username:</td>
<td><b><asp:Label id="UsernameLabel" runat="server" /></b></td>
<td></td>
</tr>
<tr>
<td>Old Password:</td>
<td><asp:Textbox id="OldPasswordTextbox" runat="server" TextMode="Password" /></td>
<td><asp:RequiredFieldValidator id="OldPasswordRequiredValidator" runat="server"
ControlToValidate="OldPasswordTextbox" ForeColor="red"
Display="Static" ErrorMessage="Required" /></td>
</tr>
<tr>
<td>Password:</td>
<td><asp:Textbox id="NewPasswordTextbox" runat="server" TextMode="Password" /></td>
<td><asp:RequiredFieldValidator id="PasswordRequiredValidator" runat="server"
ControlToValidate="NewPasswordTextbox" ForeColor="red"
Display="Static" ErrorMessage="Required" /></td>
</tr>
<tr>
<td>Confirm Password:</td>
<td><asp:Textbox id="PasswordConfirmTextbox" runat="server" TextMode="Password" /></td>
<td><asp:RequiredFieldValidator id="PasswordConfirmRequiredValidator" runat="server"
ControlToValidate="PasswordConfirmTextbox" ForeColor="red"
Display="Static" ErrorMessage="Required" />
<asp:CompareValidator id="PasswordConfirmCompareValidator" runat="server"
ControlToValidate="PasswordConfirmTextbox" ForeColor="red"
Display="Static" ControlToCompare="PasswordTextBox"
ErrorMessage="Confirm password must match password." />
</td>
</tr>
<tr>
<td></td>
<td><asp:Button id="ChangePasswordButton" Text="Change Password"
OnClick="ChangePassword_OnClick" runat="server" /></td>
</tr>
</table>
</asp:Panel>
</form>
<br />
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Dim passwordExpiresDays As Double = 90
Public Sub Login_OnClick(sender As Object, args As EventArgs)
Dim u As MembershipUser = Membership.GetUser(UsernameTextbox.Text)
If u Is Nothing Then
Msg.Text = "Invalid user name. Please check your user name and try again."
Return
End If
If Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text) Then
If u.LastPasswordChangedDate.AddDays(passwordExpiresDays) < DateTime.Now Then
Msg.Text = "Your password has expired. Please change your password to a new value."
UsernameLabel.Text = UsernameTextbox.Text
ChangePasswordPanel.Visible = True
LoginPanel.Visible = False
Else
FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked)
End If
Else
Msg.Text = "Invalid password. Please check your password and try again."
End If
End Sub
Public Sub ChangePassword_OnClick(sender As Object, args As EventArgs)
' Update the password.
Dim u As MembershipUser = Membership.GetUser(UsernameLabel.Text)
If u.ChangePassword(OldPasswordTextbox.Text, NewPasswordTextbox.Text) Then
Msg.Text = "Password changed."
ChangePasswordPanel.Visible = False
LoginPanel.Visible = True
Else
Msg.Text = "Password change failed. Please re-enter your values and try again."
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Login</title>
</head>
<body>
<form id="form1" runat="server">
<h3>Login</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<asp:Panel id="LoginPanel" runat="Server">
Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br />
Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br />
<asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" />
<asp:CheckBox id="NotPublicCheckBox" runat="server" /> Check here if this is <span style="text-decoration:underline">not</span> a public computer.
</asp:Panel>
<asp:Panel id="ChangePasswordPanel" runat="Server" Visible="False">
<table cellpadding="3" border="0">
<tr>
<td>Username:</td>
<td><b><asp:Label id="UsernameLabel" runat="server" /></b></td>
<td></td>
</tr>
<tr>
<td>Old Password:</td>
<td><asp:Textbox id="OldPasswordTextbox" runat="server" TextMode="Password" /></td>
<td><asp:RequiredFieldValidator id="OldPasswordRequiredValidator" runat="server"
ControlToValidate="OldPasswordTextbox" ForeColor="red"
Display="Static" ErrorMessage="Required" /></td>
</tr>
<tr>
<td>Password:</td>
<td><asp:Textbox id="NewPasswordTextbox" runat="server" TextMode="Password" /></td>
<td><asp:RequiredFieldValidator id="PasswordRequiredValidator" runat="server"
ControlToValidate="NewPasswordTextbox" ForeColor="red"
Display="Static" ErrorMessage="Required" /></td>
</tr>
<tr>
<td>Confirm Password:</td>
<td><asp:Textbox id="PasswordConfirmTextbox" runat="server" TextMode="Password" /></td>
<td><asp:RequiredFieldValidator id="PasswordConfirmRequiredValidator" runat="server"
ControlToValidate="PasswordConfirmTextbox" ForeColor="red"
Display="Static" ErrorMessage="Required" />
<asp:CompareValidator id="PasswordConfirmCompareValidator" runat="server"
ControlToValidate="PasswordConfirmTextbox" ForeColor="red"
Display="Static" ControlToCompare="PasswordTextBox"
ErrorMessage="Confirm password must match password." />
</td>
</tr>
<tr>
<td></td>
<td><asp:Button id="ChangePasswordButton" Text="Change Password"
OnClick="ChangePassword_OnClick" runat="server" /></td>
</tr>
</table>
</asp:Panel>
</form>
<br />
</body>
</html>
Remarks
The SqlMembershipProvider sets the CreationDate, LastLoginDate, LastActivityDate, and LastPasswordChangedDate date to the same date and time when a membership user is created by the CreateUser method.
Applies to
See also
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for