Gets the new password entered by the user.
Assembly: System.Web (in System.Web.dll)
Theproperty contains the new password entered by the user.
You can use the NewPasswordRegularExpression property to define the requirements for the new password. This regular expression is used to enforce password rules on the client side. The NewPasswordRegularExpression is not related to the password enforcement that can be configured at the data store level. The password must meet the minimum requirements set by the in the MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters, and PasswordStrengthRegularExpression properties. If the password does not meet these requirements, the ChangePasswordError event is raised.
Transmitting passwords over HTTP is a potential security threat. HTTP transmissions can be viewed or compromised by malicious users. To improve security when using login controls, you should use HTTPS protocol with secure sockets layer (SSL) encryption to ensure that the user's password cannot be read during postback. For more information, see Securing Login Controls.
The following code example shows how to use an ASP.NET page that uses a ChangePassword control, and includes a handler for the ChangingPassword event named ChangingPassword. ChangingPassword compares the old password stored in the CurrentPassword property to the new password stored in . If they are the same, changing the password fails.
The code example assumes that the ASP.NET Web site has been configured to use ASP.NET membership and Forms authentication, and that a user has been created whose name and password are known to you. For more information, see How to: Implement Simple Forms Authentication.
Available since 2.0
ASP.NET Login Controls Overview
Customizing the Appearance of ASP.NET Login Controls
ASP.NET Web Server Controls Templates
How to: Display Different Information to Anonymous and Logged In Users
Web Site Administration Tool Security Tab
Securing Login Controls
Basic Security Practices for Web Applications