+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Error message when resetting password

Error message when resetting password

8 posts, 0 answered
  1. Shawn Davis
    Shawn Davis avatar
    81 posts
    Registered:
    13 Oct 2012
    10 Nov 2010
    Link to this post
    When I attempt to reset a password with 3.7 Community I get:

     

    Wrong answer

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

    Exception Details: System.Web.Security.MembershipPasswordException: Wrong answer

    Source Error: 

    Line 105:    protected void passwordRecoveryButton_Click(object sender, EventArgs e)
    Line 106:    {
    Line 107: string newPassword = manageUsers.Manager.MembershipProvider.ResetPassword(manageUsers.UserName, "42");Line 108:        Telerik.Security.WebControls.ManageUsers.EditContainer editContainer = manageUsers.GetCurrentContainer() as Telerik.Security.WebControls.ManageUsers.EditContainer;
    Line 109:        if (editContainer != null)

    Source File: c:\Inetpub\ElmPlaceSF\Sitefinity\Admin\CmsAdmin\Users.aspx.cs    Line: 107 

    Stack Trace: 

    [MembershipPasswordException: Wrong answer]
       Telerik.DataAccess.AspnetProviders.TelerikMembershipProvider.ResetPassword(String username, String passwordAnswer) +362
       Admin_CmsAdmin_Users.passwordRecoveryButton_Click(Object sender, EventArgs e) in c:\Inetpub\ElmPlaceSF\Sitefinity\Admin\CmsAdmin\Users.aspx.cs:107
       System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e) +111
       System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument) +79
       System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
       System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
       System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +175
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1565

    Any help would be appreciated - thanks!
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    10 Nov 2010
    Link to this post
    Hi Shawn,

    You should use Clear password format and get the question/password/username with LINQ query or just modify Sitefinity\Admin\CmsAdmin\Users.aspx.cs and its passwordRecoveryButton_Click method

    protected void passwordRecoveryButton_Click(object sender, EventArgs e)
     {
         MembershipUser u = Membership.GetUser(manageUsers.UserName);
         string newPassword = manageUsers.Manager.MembershipProvider.ResetPassword(manageUsers.UserName, u.PasswordQuestion);
         Telerik.Security.WebControls.ManageUsers.EditContainer editContainer = manageUsers.GetCurrentContainer() as Telerik.Security.WebControls.ManageUsers.EditContainer;
         if (editContainer != null)
         {
             Control passRecovery = editContainer.FindControl("passwordRecoveryButton");
             if (passRecovery != null)
             {
                 int index = editContainer.Controls.IndexOf(passRecovery);
      
                 Literal newPass = new Literal();
                 newPass.Text = "New password: ";
      
                 Label newNote = new Label();
                 newNote.Controls.Add(newPass);
                 Literal passLiteral = new Literal();
                 passLiteral.Text = newPassword;
                 HtmlGenericControl strong = new HtmlGenericControl("strong");
                 strong.Controls.Add(passLiteral);
      
                 newNote.Controls.Add(strong);
      
                 editContainer.Controls.AddAt(index + 1, newNote);
             }
         }
     }

    In this case you will be able to reset/restore the user's password without supplying the answer to the security question. changing the password through the database. Furthermore MembershipUser.PasswordQuestion Property  has only get accessor, so you cannot change the question once the user has been created. Changing the question/answer on the later stage will require a custom membership provider.

    All the best,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Shawn Davis
    Shawn Davis avatar
    81 posts
    Registered:
    13 Oct 2012
    10 Nov 2010
    Link to this post
    It seems like you're thinking I changed the code in some way.  I'm just using it out of the box.  I was using the sitefinity admin back-end to change the password for a user whose password didn't work.  The recover password function that I placed on the site gave an error when the user tried it and so I tried to reset the password through the admin pages and received that error.  Is there a way, or a bug, that would cause the password to become unusable?

    Thanks,
  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    10 Nov 2010
    Link to this post
    Hi Shawn,

    You have set requiresQuestionAndAnswer="true" and passwordFormat="true" for the membership provider.

    All the best,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. Shawn Davis
    Shawn Davis avatar
    81 posts
    Registered:
    13 Oct 2012
    10 Nov 2010
    Link to this post
    Does setting requiresQuestionAndAnswer="true" prevent me from doing a reset in administration?  Perhaps I'm a bit confused. :-)
  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    10 Nov 2010
    Link to this post
    Hi Shawn,

    If you use passwordFormat="Hashed" - yes. If you add a field to type the question answer there should not be problem to reset the password.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    25 Jan 2011
    Link to this post
    If you were to use the code Ivan posted:
    MembershipUser u = Membership.GetUser(manageUsers.UserName);
     string newPassword = manageUsers.Manager.MembershipProvider.ResetPassword(manageUsers.UserName, u.PasswordQuestion);

    would you not be changing the user's password answer to the password question? In which case you would want to call:
    MembershipUser u = Membership.GetUser(manageUsers.UserName);
    string newPassword = u.ResetPassword();

    Nevermind. This does not work either.
  8. Mark
    Mark avatar
    86 posts
    Registered:
    08 Feb 2010
    27 Apr 2011
    Link to this post
    I have the same issue

    I have an intranet where users can reset their own password
    but also need to the facility to go into the CMS admin and reset the password for users who get really stuck

    How would i acheive this?
    i keep getting the error wrong answer!
Register for webinar
8 posts, 0 answered