15 Oct 2010
08 Feb 2011
Link to this post
we are using custom page for forgot password, once user clicks on forgot password link user will be asked to key in the secret question answer. problem is regardless of of user key in correct secret question answer or not we receive email for reset password. we should not be receiving the mail if secret question answer is wrong
How can we check for user key in correct secret question answer? we are failed to check by doing database call as secret question answer is encrypted because it was saved by calling asp.net ChangePasswordQuestionAndAnswer() method.
in our web config we have
we use this asp.net method for check secret question answer
//string strTempPwd = obj.ResetPassword(txtAnswer.Text);