Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more
AI OnAI Off
Is it possible to define a Password Policy for EPiServerCommonMembershipProvider?
The short and cruel answer is -> No, it does not. The EPiServer.Common.Web.Authorization.MembershipProvider overrides the membership provider properties MinRequiredPasswordLength and MinRequiredNonAlphanumeric Characters, but they have hardcoded 0 as a return value. It does not support reseting the password either (ResetPassword is not implemented) + question and answer password resets.
You could try to inherit from this membership provider and override EPiServer overrides with your own values + add validation logic to the ChangePassword method before calling base.ChangePassword(...) if the validation succeded.
Jan 05, 2010 20:56
This thread is locked and should be used for reference only.
When using the SqlServerMembershipProvider for users within EPiServer, it is possible to apply a Password Policy with settings such as minRequiredPasswordLength and minRequiredNonalphanumericCharacters in the web.config file.
When using EPiServer Relate, Community users are managed using the EPiServerCommonMembershipProvider. Is there a way to apply a similar and/or more comprehensive Password Policy using this provider?