We are having problems resetting all the passwords of our portal for awhile. We have ugpraded to 7.4.1 (from 7.3.4) as an attempt to resolve this but the problem still remains!
The users receive an email and when they attempt to change their passwords - no matter how complicated the password is, they receive the following message:
Your new password was not accepted for security reasons. Please make sure to choose a password which does not match a previously used password and which is long and complex enough to meet the sites password complexity requirements.
Email
Dear xxx,
You have requested a Password Reset Token from xyz.
Please login using the following information:
Website Address: xyz.com
Username: nectar
Link to reset password: xyz.com/default.aspx?ctl=PasswordReset&resetToken=a85f46b2-cc9a-470c-822d-d2f12f8a94d4
*Note: If you did not request a Password Reset Token, please disregard this Message.
In our web.config we have the following settings:
minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" requiresUniqueEmail="false" passwordFormat="Hashed" applicationName="DotNetNuke" description="Stores and retrieves membership data from the local Microsoft SQL Server database" />
In the EMAIL_PASSWORD_REMINDER_BODY.Text
we have this:
Dear [User:DisplayName],
You have requested a Password Reset Token from [Portal:PortalName].
Please login using the following information:
Website Address: [Portal:URL]
Username: [User:Username]
Link to reset password: http://[Portal:URL]/default.aspx?ctl=PasswordReset&resetToken=[Membership:PasswordResetToken]
Sincerely,
[Portal:PortalName]
Under Host/ Membership Management we have the following settings:
Reset link timeout (minutes): 60
Administrator reset link timeout (minutes): 1450
Enable password history? FALSE (unchecked)
Number of passwords to store: 5
FALSE (unchecked)
This has been going on for a few months with frustrated users. Any ideas what we are missing?