Asp.net sqlserver membership provider is the great feature provided within the asp.net framework to configure common features like User registration, Forget password, User login on asp.net enabled application.

How to configure to retrieve password

If you are using membership provider of asp.net, you can customize how the password can be retrieved.

You can also set requiresQuestionAndAnswer=false if you dont want the user to ask question. Just providing the email address will send the password to the email id of the user.

If the passwordFormat =”Hashed” the new random passowrd will be set and sent to the user.

Following the configuration on the web.config file.

<add name="AspNetSqlMembershipProvider"

type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"

connectionStringName="LocalSqlServer"

enablePasswordRetrieval="false"

enablePasswordReset="true"

requiresQuestionAndAnswer="true" applicationName="/"

requiresUniqueEmail="false"

passwordFormat="Hashed"

maxInvalidPasswordAttempts="5"

minRequiredPasswordLength="7"

minRequiredNonalphanumericCharacters="1"

passwordAttemptWindow="10"

passwordStrengthRegularExpression=""/>

enablePasswordRetrieval means your can retrieve the password without reseting it. It only works when you have not set the passwordFromat=”Hashed”.

enablePasswordReset means new password will be reset when user wants to retrieve the password through forget password feature.

requiresQuestionAndAnswer enables user must provide secret question and answer to continue.