Home/ Questions/Q 8733319
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T09:37:25+00:00

I currently have an MVC 3 application which requires the Security Answer to be

  • 0

I currently have an MVC 3 application which requires the Security Answer to be correct when user forgets the password.

However, I want a System Administrator to be able to Reset the Password of any user without knowing the Security Answer.

Any possible solution for this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I ended up using two different Providers for this solution.
    Both providers were added to the Web.Config file of the application:

    <membership>
  <providers>
    <clear/>
    <add name="ProviderRequiredAnswer"  .......
       enablePasswordReset="true" requiresQuestionAndAnswer="true" ...... />
    <add name="ProviderNoRequiredAnswer"  ......
       enablePasswordReset="true" requiresQuestionAndAnswer="false" ...... />

   </providers>
</membership>

    When regular user forgets password and needs to reset it, I will get user using the first provider by:

    MembershipUser user =
    Membership.Providers[“ProviderRequiredAnswer“].GetUser(model.userToReset, false);

    string autoGenPass = userToReset.ResetPassword(model.PasswordAnswer);

    bool resetPasswordSucceeded = userToReset.ChangePassword(autoGenPass, model.NewPassword);

    On the other hand, if a System Admin, who does not have the Security Answer needs to Reset the password of an user, I will get user using the second provider by:

    MembershipUser user =
    Membership.Providers[“ProviderNoRequiredAnswer“].GetUser(model.userToReset, false);

    string autoGenPass = userToReset.ResetPassword();

    bool resetPasswordSucceeded = userToReset.ChangePassword(autoGenPass, model.NewPassword);

    • 0