I simply want to know how to manually check if the value a user has provided for the answer to their security question matches their current answer on record. I want to use the build in support of the ASP.Net membership and membershipuser objects.
I see that via the passwordrecovery control that the actual answer can be returned. However I am currently not using this control and it would take a good bit to integrate it as it does not meet our user's requirements.
In a worst case scenario, getting the actual answer (like the开发者_StackOverflow中文版 passwordrecovery control does) and manually checking it in our application would be acceptable.
A best case scenario is some sort of API where I can pass in the user name and the answer to their security question that was provided and simply get an indication of whether answer was correct or not.
Any help would be greatly appreciated.
First fetch the user via Membership.GetUser
, then call the GetPassword method on the user. A MembershipPasswordException
will be thrown if the answer is wrong.
If you're looking to immediately reset the password, calling the correct ResetPassword
overload directly might be a better idea.
精彩评论