Tuesday, February 19, 2008

ASP.NET Membership Password Requirements

I've been meaning to post about this for a while.  I experienced an issue with the ASP.NET Membership provider and it's default password requirements.  By default the provider requires that a user's password contains at least one non-alphanumeric character.  After blindly stumbling around Google for a while I smacked my head on this post by Derek Hatchard.  Turns out that there is an attribute in the membership provider section called "minRequiredNonalphanumericCharacters".  Once I set this to "0", my issue was resolved.

There are some other cool attributes as well.  "MinRequiredPasswordLength" sets how long the password has to be.  You can even validate the password against a regular expression with the "passwordStrengthRegularExpression" attibute.

No comments: