Stack Overflow
Stack Overflow

Questions tagged [reset-password]

This tag refers to the process of setting a password on a system back to an original (often the default) value.

Note that this tag is not to be confused with the tag, which is for setting a password to a new value. Resetting a password changes it back to a previous value.

324 questions
100
votes
11 answers

ASP.NET Identity change password

I need ability to change password for user by admin. So, admin should not enter a current password of user, he should have ability to set a new password. I look at ChangePasswordAsync method, but this method requires to enter old password. So, this…
Oleg Sh
  • 8,496
  • 17
  • 89
  • 159
47
votes
7 answers

How to reset password with UserManager of ASP.NET MVC 5

I am wondering if there is a way to reset password with UserManager of ASP.NET MVC 5 I tried this with user that already has a password but no success. Any clue? IdentityResult result = UserManager.AddPassword(forgotPasswordEvent.UserId.ToString(),…
NoWar
  • 36,338
  • 80
  • 323
  • 498
27
votes
1 answer

Best practice on generating reset password tokens

Any best practice on how a reset password token should be constructed? I'm thinking: random 17 characters [a-zA-Z0-9] + a globally unique id + random 17 characters [a-zA-Z0-9]. Is there a better solution, or an industry standard on reset password…
Justin
  • 42,716
  • 77
  • 201
  • 296
24
votes
5 answers

Token invalid on reset password with ASP.NET Identity

I've implemented ASP.NET Identity in my MVC application by copying the code from the VS 2013 templates. The basic thing is working, but I couldn't get the Reset Password to work. When I show the "forgot password" page an email is generated which…
Pramod Gehlot
  • 319
  • 2
  • 4
  • 17
24
votes
14 answers

What is safer? Should I send an email with a URL that expires to users to reset their password or should I email a newly generated password?

I was wondering what would be the safer option when users have forgotten their password Send a randomly generated new password to the email address (all email addresses in my database are confirmed to work). Or Send an email with a link that…
Marijn Huizendveld
  • 791
  • 2
  • 7
  • 23
23
votes
5 answers

How to reset / change password in Node.js with Passport.js?

I use Passport.js in Node.js to create a login system. Everything is ok, but I do not know how to reset user password when they forget their password or they want to change it. User model in MongoDB var UserSchema = new Schema({ email: String, …
user3044147
  • 1,374
  • 5
  • 14
  • 23
12
votes
2 answers

Laravel 5 : Parse error: syntax error, unexpected '?', expecting variable (T_VARIABLE)

On my Local server everything was good was using mailtrap mail server as smtp server. but when my website is on live server and when I trying to reset password (forgot password ) getting following error screenshot is attached.I am using hostgators…
Rakesh K
  • 1,290
  • 1
  • 16
  • 43
8
votes
3 answers

Confirm password validation in angular

I have a reset-password form with 2 input fields: New Password New Password (confirmation) I had to create a validation where "New Password (confirmation) needed to match "New Password" and I made it. When you type in a wrong password in "New…
Dorijan Golja
  • 103
  • 1
  • 1
  • 6
8
votes
3 answers

Keycloak: Disable redirect to account page after password reset and show message

I am using Keycloak and I want to enable Forgot password flow. I have enabled Forgot password in login and configured SMTP to send email. What I get out of the box from keycloak is the following -> Click on Forgot password link -> Enter username or…
NehaM
  • 1,272
  • 1
  • 18
  • 32
8
votes
3 answers

Redis as a session store, Invalidate all sessions of a user

I'm using redis as a session store, Storing sessions like so [NameSpace]:[UniqueId] -> [email_id] Here is the problem, when a user resets their password, how do I invalidate all the sessions of that user ? Here are the solutions I came up with,…
Gautam
  • 7,868
  • 12
  • 64
  • 105
6
votes
4 answers

Pattern for allowing a user to change his password. Should the user have to repeat the new password as well as enter the old password?

There are lots of questions about recovering passwords on SO, but not about changing passwords considering one of the two following: 1) The user is authenticated in the system already (either through user/pw or through third part authentication…
Scott
  • 16,711
  • 14
  • 75
  • 120
5
votes
1 answer

KeyCloak Forgot password Email link

We are implementing Authentication using keycloak. Specifically for forgot password option: When user clicks on Forgot password option, and provides user name, an email will be sent to their id with the link to reset password. My Question is…
Harry
  • 91
  • 1
  • 1
  • 9
5
votes
1 answer

Laravel 5.5 Custom reset password throws token mismatch

I wanted to override/customize the existing laravel forget and reset password functionality. Mainly due to my table does not contain and "email" column and we've our own email sent method. Therefore I updated my ForgotPasswordController.php as…
FR STAR
  • 662
  • 4
  • 24
  • 50
5
votes
5 answers

Secure way to do password retrieval/resetting?

Before I begin, my reason for not using OAuth is I believe it is not really something we should be using on this project, we're targeting a platform that will be packaged and resold to companies, which connect to their own set of uses that we really…
Incognito
  • 20,537
  • 15
  • 80
  • 120
5
votes
1 answer

django customize reset password form

I am a beginner in django (django 1.7 python 2.7). I am trying to add no captcha recaptcha onto my django reset password form. I am trying to use this recaptcha djano plugin. I have followed the instructions and added the necessay…
user3354539
  • 1,245
  • 5
  • 21
  • 40
1
2 3
21 22