Try our conversational search powered by Generative AI!
AI OnAI Off
Is it possible to define a Password Policy for EPiServerCommonMembershipProvider?
The short and cruel answer is -> No, it does not. The EPiServer.Common.Web.Authorization.MembershipProvider overrides the membership provider properties MinRequiredPasswordLength and MinRequiredNonAlphanumeric Characters, but they have hardcoded 0 as a return value. It does not support reseting the password either (ResetPassword is not implemented) + question and answer password resets.
You could try to inherit from this membership provider and override EPiServer overrides with your own values + add validation logic to the ChangePassword method before calling base.ChangePassword(...) if the validation succeded.
Jan 05, 2010 20:56
This thread is locked and should be used for reference only.
When using the SqlServerMembershipProvider for users within EPiServer, it is possible to apply a Password Policy with settings such as minRequiredPasswordLength and minRequiredNonalphanumericCharacters in the web.config file.
When using EPiServer Relate, Community users are managed using the EPiServerCommonMembershipProvider. Is there a way to apply a similar and/or more comprehensive Password Policy using this provider?