Autogenerated Password Recovery are very difficult.

[A.I.]

How do you change the difficulty of self-generated passwords sent by the control recovery password? Although there are 0 non-alphanumeric characters necessary, the control produces a new password that creates our users a great deal of pain when it comes to modify your password. Out of storing passwords in clear (not want to do that), how I can control the passwords produced through the control recovery password? 6.8 random letters or numbers would be fine. The non-alphanumeric character has caused much confusion. And I copied the C # and converted it into VB, but I'm not familiar with saving a namespace or replace the control with the new behavior.

[Amie]

I am not sure that will help me in this situation. Basically, if a user forgets their password you can request your password reset, so you can login and change what they want. We are moving around 3000 accounts of a third party web handles belonging to an ASP.NET membership at home. Do to be hash, they cannot get their passwords, so you will be given a temporary password for them (I do not know) and will have to request a new password according to your email address or username. This will be emailed through AEP Password Recovery tool.

[HiSpeed]

The trouble is that most passwords are generated mechanically by the tool contain several non-alphanumeric characters. You would not believe how many comments I've received on this subject on the test! "Why does your website cursing me? The password that I received seems to be some kind of bad word!". "Can the password be harder to get in?" Etc, The work around I'm trying now really changed the password in case Sending Mail Password Recovery control. This works so that you can place the new password to whatever you desire. I now have to write a rapid function to make a random password to put in there instead of "bbbbbb". I seem for a text file for use vocabulary words, do not know. keep in mind, this is supposed to be only a impermanent password for recovery. The user must modify in their account settings.

[BiGMaCHiNe]

My proposal is that you make a reasonably easy but overtly lengthy password. this_is_my_impermanent_password_that_I_assure_to_modify_on_subsequently_login_truthful! Then copy the password and registration passwordSalt long the password on all user records. As for the restoration of user - no need for them to see the temporary key. When I faced the same situation, I have the user enter a form where you enter the new password and password confirmation, then come to the password reset feature, the temporary password was intercepted on the server and provide feedback on system with the new password. Nobody sees the temporary password.

[Connect_Me]

The way he had planned handling this was due to the fact that we have the username and email, but have no access to existing passwords. So what time imported every the customer data that have to generate new users, who used their usernames, and now ask a casual password that is the identical for everyone. No single person knows the password, but the data manager. It is only there since you have to have a few Passwords what time programmatically creating users Members asp.net. Then emailed to clients and tell them that the machine has been updated, but you require resetting your password. They go to the login page, click on "Forgot your username / password" and then a new password generated is sent to the email address is on file for that username. The user receives the new password for your email, then login, and then changes your password.