Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • adamsimsy 31 posts 46 karma points
    Jun 16, 2011 @ 10:52
    adamsimsy
    0

    Configuring password complexity for back office users

    As the topic suggests, is it straight forward to set the password complexity required for back office users?

    Does the Membership Provider for the back office extend the .NET Membership provider which allows you to set the following?

      minRequiredPasswordLength="1"
                      minRequiredNonalphanumericCharacters="0"
                      passwordFormat="Hashed"
                      maxInvalidPasswordAttempts="5"
                      passwordAttemptWindow="10"
                      passwordStrengthRegularExpression=""
     />

    Also which Membership provider is used for the back office? Is it UmbracoMembershipProvider or UsersMembershipProvider?

    Thanks in advance.

    Adam

  • Lesley 284 posts 143 karma points
    Jun 16, 2011 @ 23:26
    Lesley
    0

    Hi Adam,

    It's the UsersMembershipProvider for the back office users. And yes, it does inherit from the .net MembershipProvider so you should be able to use the properties you list ok.

    Have fun!

  • adamsimsy 31 posts 46 karma points
    Jun 23, 2011 @ 18:15
    adamsimsy
    0

    Thanks Lesley for confirming! cheers :)

  • Tammy 16 posts 36 karma points
    Mar 02, 2012 @ 04:05
    Tammy
    0

    Hi Guys,

    I am using Umbraco 4.7. and i have set the membership provider as below but when i change my password in member section or user section, these are not apply.

    Anyone can tell me what am i missing?


        <!-- Membership Provider -->
        <membership defaultProvider="UmbracoMembershipProvider" userIsOnlineTimeWindow="15">
          <providers>
            <clear />
            <add name
    ="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Another Type" passwordFormat="Hashed"
                      applicationName
    ="/"
                      minRequiredPasswordLength="15"
                      minRequiredNonalphanumericCharacters="2"
                      maxInvalidPasswordAttempts
    ="2"
                      passwordAttemptWindow="10"
                      passwordStrengthRegularExpression=""/>
            <add name
    ="UsersMembershipProvider" type="umbraco.providers.UsersMembershipProvider" enablePasswordRetrieval="false"                     enablePasswordReset="false" requiresQuestionAndAnswer="false" passwordFormat="Hashed"
                      applicationName
    ="/"
                      minRequiredPasswordLength="5"
                      minRequiredNonalphanumericCharacters="1"
                      maxInvalidPasswordAttempts="2"
                      passwordAttemptWindow="10"
                      passwordStrengthRegularExpression=""/>
          </providers>
        </membership>

  • Steven Horler 11 posts 57 karma points
    Aug 16, 2012 @ 13:02
    Steven Horler
    0

    Hi,

    We're using 4.7.2 and we've got to enforce password strength on our sites for Users (not members), and making the web config changes has no effect as Tammy says. I tried to extend the umbraco.providers.UsersMembershipProvider but getting a null exception error on loading.

    There is a bug raised for this (U4-215) but in the meantime a workaround wouldbe great.

    Any help would be much appreciated.

    Thanks

Please Sign in or register to post replies

Write your reply to:

Draft