We recently upgrade our DNN site from 6.2.8 to 7.2.2.

When we try to do a password reset for any of our users we get the following error:

"There was an error setting the password. The password has not been changed."

That is just about the only thing in the EventLog

Previously the site used the PasswordQuestion and PasswordAnswer feature, which seems to be obsolete now.  

However when we do a password reset we are challenged with the Password Question and Answer.  Once we fill that out we get an email with the reset-token but then we get the message that the password wasn't reset.

I have tried turning off the PasswordQuestion feature in the web.config but even if I set it to false we are still challenged with the password question and answer.

I have turned off the password history as I saw that might be the issue but the problem remains.

The passwords we are trying meet the complexity criteria.

The web.config settings are currently:

    <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SiteSqlServer" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="1" requiresUniqueEmail="false" passwordFormat="Encrypted" applicationName="DotNetNuke" description="Stores and retrieves membership data from the local Microsoft SQL Server database" passwordStrengthRegularExpression="^.*(?=.{14,})(?=.*[a-z])(?=.*[A-Z])(?=.*[\W])(?=.*[\d]).*$" />

Anyone have any ideas?

Thanks,
Stuart

I cleared out the question and answer in the aspnet_membership table for one user and they were still being presented with the question when I went to reset the password, which didn't make any sense to me as I thought that is where it came from.

I hate to interrupt your holiday, so no need to reply, but it sounds like this isn't working as intended so I am going to have to dig into it and figure out where all the issues are.

Stuart