MembershipValidatePasswordEventHandler Delegate


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Represents the method that will handle the ValidatingPassword event of the MembershipProvider class.

Namespace:   System.Web.Security
Assembly:  System.Web.ApplicationServices (in System.Web.ApplicationServices.dll)

Public Delegate Sub MembershipValidatePasswordEventHandler (
	sender As Object,
	e As ValidatePasswordEventArgs


Type: System.Object

The MembershipProvider that raised the ValidatingPassword event.

Type: System.Web.Security.ValidatePasswordEventArgs

A ValidatePasswordEventArgs object that contains the event data.

The MembershipValidatePasswordEventHandler delegate is defined for the ValidatingPassword event for a membership provider. The ValidatingPassword event is raised when the CreateUser method, the ChangePassword method, or the ResetPassword method of a membership provider is called.

You can use the ValidatingPassword event to validate password formats and values for membership users.

You can cancel the current CreateUser, ChangePassword, or ResetPassword action by setting the Cancel property of the supplied ValidatePasswordEventArgs to true during the ValidatingPassword event.

If you cancel the current action by setting the Cancel property to true, you can set the FailureInformation property of the supplied ValidatePasswordEventArgs to an exception that describes the reason for the password-validation failure. The calling method will throw the exception that the FailureInformation property is set to. If the FailureInformation property is null, the caller will throw a generic password-validation failure exception.

The following code example shows a ValidatingPassword event that validates the format of the password for the user, and then cancels the action if the password does not match the required format.

Public Sub Page_Load()
    AddHandler Membership.ValidatingPassword, _
    New MembershipValidatePasswordEventHandler(AddressOf OnValidatePassword)
End Sub

Public Sub OnValidatePassword(sender As Object, _
                               args As ValidatePasswordEventArgs)
  Dim r As System.Text.RegularExpressions.Regex =  _
    New System.Text.RegularExpressions.Regex("(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})")

  If Not r.IsMatch(args.Password) Then
    args.FailureInformation = _
      New HttpException("Password must be at least 6 characters long and " & _
                        "contain at least one number and one special character.")
    args.Cancel = True
  End If
End Sub

.NET Framework
Available since 2.0
Return to top