Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDevelopment and...Development and...DNN Platform (o...DNN Platform (o...Prevent Users From Using Previous Passwords?Prevent Users From Using Previous Passwords?
Previous
 
Next
New Post
12/1/2008 3:55 PM
 
Bill Feldhaus

Joined: 11/18/2008
Posts: 3

We have a requirement from a client to store the previous twelve (!) passwords and not allow users to reuse any of those twelve passwords. I believe this isn't possible given an OOTB DotNetNuke installation. Is there an easy way to extend the existing AspNetMembershipProvider to store and check against the last "x number" of passwords?

Thanks!
 
New Post
12/22/2008 2:22 PM
 
Tak Shimamura

Joined: 1/4/2006
Posts: 211

Here is what I would do:

1. Create a table called "PreviousUserPasswords" and make some fields - ID, userid, Password DateCreated,

2. Open Admin/Users/Password.ascx.vb and find "Private sub cmdUpdate_Click()" around line 269.

3. put some codes before '1. check new password and confirm are the same''

[Some codes - no actual code, just comments. sorry for me being lazy lol ]

'0. Check the new password against a table PreviousUserPassword.

'execute sql (e.g. where password = txtNewpassword.txt) to check to see if there is any same password the user created before.

'if there is a same password in the table, throw an error message.  If it's not same, update the user password and also add the new password to the PreviousUserPasswords. Overwrite the oldest password if there are 12 passwords or more associated with this particular user.

lol. 12 passwords... I wouldn't be able to login to the site 4ever if i forget my password. Just imagine,,, users keep tying their passwords but nothing works, that would create BIG frustration.  i mean,,, i myself don't have 10 unique passwords. Well, that's what your client asked you to do right? GOOD LUCK!
 
New Post
12/22/2008 11:14 PM
 
lucyandrez

Joined: 12/22/2008
Posts: 1

I have similar requirement. I think with slight modification  I can use your sugestion.
 
New Post
12/23/2008 5:28 PM
 
Alfonso Perez

www.expresionur.com
Joined: 5/2/2006
Posts: 31

Another way without modifying the core would be to create your own custom membership provider and override the ChangePassword method, where you can add your custom logic and affect the UserPasswords table each time a password is changed. Then you'd override the ValidateUser method or the UserLogin method to check that the provided password is valid according to your criteria. You can have a quick look in how to implement this here:

http://briansamson.com/b/2006/dotnetnuke-4-custom-authentication-single-sign-on/

Once you have your own dll, make the according changes in the Providers sections of your web.config and you are ready to go. It envolves a bit more effort, but if you need to reverse the changes you'll only be one line away, and you wont have to worry (too much) when you need to upgrade your DNN installation.

Cheers,
 
 Page 1 of 1
Previous
 
Next
HomeHomeDevelopment and...Development and...DNN Platform (o...DNN Platform (o...Prevent Users From Using Previous Passwords?Prevent Users From Using Previous Passwords?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out