ChangePassword.NewPasswordRegularExpression Property
Assembly: System.Web (in system.web.dll)
/** @property */ public String get_NewPasswordRegularExpression () /** @property */ public void set_NewPasswordRegularExpression (String value)
public function get NewPasswordRegularExpression () : String public function set NewPasswordRegularExpression (value : String)
Property Value
The regular expression string used to validate the new password provided by the user. The default is Empty.Use the NewPasswordRegularExpression property to define the requirements for passwords that are used to validate user accounts on your Web site. This regular expression is used to enforce password rules on the client side. The NewPasswordRegularExpression is not related to the password enforcement that can be configured at the data store level. The password must meet the minimum requirements set by the membership provider in the MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters, and PasswordStrengthRegularExpression properties. If the password does not meet these requirements, the ChangePasswordError event is raised.
To display requirements to the user, set the PasswordHintText property.
If the password entered does not pass the regular expression contained in the NewPasswordRegularExpression property, the text contained in the NewPasswordRegularExpressionErrorMessage property is displayed to the user.
If the password is rejected by the membership provider, the text contained in the ChangePasswordFailureText property is displayed.
A common use of password standards is to force users to select strong passwords. As a best practice, enforce password rules at the data level in the membership provider. The NewPasswordRegularExpression property allows for the convenience of checking the password on the client side, but does not lock out users who make repeated attempts to log on. To improve security, configure your membership provider to restrict the number of attempts a user may make to log on. For more information, see Securing Membership.
The following code example shows how to set the NewPasswordRegularExpression property to define a regular expression that checks passwords to ensure that they meet the following criteria:
-
Are greater than six characters.
-
Contain at least one digit.
-
Contain at least one special (non-alphanumeric) character.
The password requirements contained in the PasswordHintText property are displayed to the user.
If the password entered by the user does not meet the criteria, the text contained in the NewPasswordRegularExpressionErrorMessage property is displayed to the user. If a new password is not entered, the text contained in the NewPasswordRequiredErrorMessage property is displayed to the user.
Note |
|---|
| The new password must also meet the minimum requirements set by the membership provider in the MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters, and PasswordStrengthRegularExpression properties. If the password does not meet these requirements, the ChangePasswordError event is raised. |
<%@ page language="C#"%> <script runat="server"> </script> <html> <head runat="server"> <title>Change Password with Validation</title> </head> <body> <form id="form1" runat="server"> <div> <asp:changepassword id="ChangePassword1" runat="server" PasswordHintText = "Please enter a password at least 7 characters long, containing a number and one special character." NewPasswordRegularExpression = '@\"(?=.{7,})(?=(.*\d){1,})(?=(.*\W){1,})' NewPasswordRegularExpressionErrorMessage = "Error: Your password must be at least 7 characters long, and contain at least one number and one special character." > </asp:changepassword> </div> </form> </body> </html>
Windows 98, Windows 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.
Reference
ChangePassword ClassChangePassword Members
System.Web.UI.WebControls Namespace
PasswordHintText
ChangePassword.NewPassword Property
NewPasswordRegularExpressionErrorMessage
ChangePassword.NewPasswordLabelText Property
NewPasswordRequiredErrorMessage
Other Resources
ASP.NET Login Controls OverviewCustomizing the Appearance of ASP.NET Login Controls
ASP.NET Web Server Controls Templates
How to: Display Different Information to Anonymous and Logged-in Users
Web Site Administration Tool Security Tab
Securing Login Controls
Basic Security Practices for Web Applications
Securing Membership
Note