We have moved to GitHub Issues
Created by Sebastiaan Janssen 11 Oct 2013, 11:27:03 Updated by Shannon Deminick 20 Oct 2013, 23:19:29
Relates to: U4-3044
I am not going to ask members for their old password.. ;-)
The password change functionality is completely dependent on how the membership provider is configured. Since both the members and user's membership providers are actually implemented correctly now the fields displayed are based on their configuration.
Previously the configuration that we shipped with did not allow resetting a password, this has been changed so you can reset a members' password if you don't know what it is. Since we are saving the passwords as Hashed by default, that means you cannot retrieve the password.
The only way to change a password manually (i.e. not resetting it) without knowing what it is is to have the membership provider configured to:
I've emailed @Seb and @Morten a big list of things that have been fixed with these providers and have backported the changes to a custom branch on 6.2 since I believe that they are pretty critical fixes
U4-3057 MembershipPasswordFormat problem at EncodePassword method in UmbracoMembershipProvider class U4-3176 UsersMembershipProvider.CreateUser does not encrypt/hash the password U4-3173 UserMembershipProvider.ChangePassword does not work U4-3174 UsersMembershipProvider.ResetPassword does not work U4-3186 Neither User or Member membership provider actually validates the password based on the config settings. U4-3158 user back office password policies doesn't adhere to membership provider rules
Assignee: Shannon Deminick
Backwards Compatible: True
Affected versions: 7.0.0
Due in version: 7.0.0