ChangePassword.CurrentPassword Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets the current password for the user.
public:
virtual property System::String ^ CurrentPassword { System::String ^ get(); };[System.ComponentModel.Browsable(false)]
[System.Web.UI.Themeable(false)]
public virtual string CurrentPassword { get; }[<System.ComponentModel.Browsable(false)>]
[<System.Web.UI.Themeable(false)>]
member this.CurrentPassword : stringPublic Overridable ReadOnly Property CurrentPassword As StringProperty Value
The current password entered by the user.
- Attributes
Examples
The following code example shows how to use an ASP.NET page that uses a ChangePassword control, and includes a handler for the ChangingPassword event named ChangingPassword. The code in the ChangingPassword handler compares the old password stored in the CurrentPassword property to the new password stored in NewPassword. If the two passwords are the same, changing the password fails.
The ChangePassword control sets the DisplayUserName property to true to enable users to enter their user name. This means that the user does not have to log on to view the page.
The code example assumes that the ASP.NET Web site has been configured to use ASP.NET membership and Forms authentication, and that a user has been created whose name and password are known to you. For more information, see How to: Implement Simple Forms Authentication.
<%@ Page Language="C#" AutoEventWireup="True" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
void Page_Load(Object sender, EventArgs e)
{
//Manually register the event-handling methods.
ChangePassword1.ChangingPassword += new LoginCancelEventHandler(this._ChangingPassword);
}
void _ChangingPassword(Object sender, LoginCancelEventArgs e)
{
if (ChangePassword1.CurrentPassword.ToString() == ChangePassword1.NewPassword.ToString())
{
Message1.Visible = true;
Message1.Text = "Old password and new password must be different. Please try again.";
e.Cancel = true;
}
else
{
//This line prevents the error showing up after a first failed attempt.
Message1.Visible = false;
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ChangePassword including a ChangingPassword event handler</title>
</head>
<body>
<form id="form1" runat="server">
<div style="text-align:center">
<h1>ChangePassword</h1>
<asp:LoginView ID="LoginView1" Runat="server"
Visible="true">
<LoggedInTemplate>
<asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." />
<br />
</LoggedInTemplate>
<AnonymousTemplate>
You are not logged in
</AnonymousTemplate>
</asp:LoginView><br />
<asp:ChangePassword ID="ChangePassword1" Runat="server"
BorderStyle="Solid"
BorderWidth="1"
CancelDestinationPageUrl="~/Default.aspx"
DisplayUserName="true"
OnChangingPassword="_ChangingPassword"
ContinueDestinationPageUrl="~/Default.aspx" >
</asp:ChangePassword><br />
<asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br />
<asp:HyperLink ID="HyperLink1" Runat="server"
NavigateUrl="~/Default.aspx">
Home
</asp:HyperLink>
</div>
</form>
</body>
</html>
<%@ Page Language="VB" AutoEventWireup="True" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Public Sub PageLoad(ByVal Sender As Object, ByVal e As EventArgs)
'Manually register the event-handling methods.
AddHandler ChangePassword1.ChangingPassword, AddressOf Me._ChangingPassword
End Sub
Public Sub _ChangingPassword(ByVal Sender As Object, ByVal e As LoginCancelEventArgs)
If (ChangePassword1.CurrentPassword.ToString() = ChangePassword1.NewPassword.ToString) Then
Message1.Visible = True
Message1.Text = "Old password and new password must be different. Please try again."
e.Cancel = True
Else
'This line prevents the error showing up after a first failed attempt.
Message1.Visible = False
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ChangePassword including a ChangingPassword event handler</title>
</head>
<body>
<form id="form1" runat="server">
<div style="text-align:center">
<h1>ChangePassword</h1>
<asp:LoginView ID="LoginView1" Runat="server"
Visible="true">
<LoggedInTemplate>
<asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." />
<br />
</LoggedInTemplate>
<AnonymousTemplate>
You are not logged in
</AnonymousTemplate>
</asp:LoginView><br />
<asp:ChangePassword ID="ChangePassword1" Runat="server"
BorderStyle="Solid"
BorderWidth="1"
CancelDestinationPageUrl="~/Default.aspx"
DisplayUserName="true"
OnChangingPassword="_ChangingPassword"
ContinueDestinationPageUrl="~/Default.aspx" >
</asp:ChangePassword><br />
<asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br />
<asp:HyperLink ID="HyperLink1" Runat="server"
NavigateUrl="~/Default.aspx">
Home
</asp:HyperLink>
</div>
</form>
</body>
</html>
Remarks
The CurrentPassword property contains the current password entered by the user.
Important
Transmitting passwords over HTTP is a potential security threat. HTTP transmissions can be viewed or compromised by malicious users. To improve security when using login controls, you should use HTTPS protocol with secure sockets layer (SSL) encryption to ensure that the user's password cannot be read during postback. For more information, see Securing Login Controls.
This property cannot be set by themes or style sheet themes. For more information, see ThemeableAttribute and ASP.NET Themes and Skins.
Applies to
See also
- NewPassword
- ASP.NET Login Controls Overview
- Customizing Appearance and Behavior of the ASP.NET Login Controls
- ASP.NET Web Server Controls Templates
- How to: Display Different Information to Anonymous and Logged In Users
- Web Site Administration Tool Security Tab
- Securing Login Controls
- Basic Security Practices for Web Applications
- Securing Membership
