62

How To Change Password Validation in ASP.Net MVC5 Identity 2 ?

Thanks

Improve this question
2
  • 4
    Well , By Default asp.net MVC registration form data annotation work for client site validation.that's good. but after submitting the form this validation come. "Passwords must have at least one non letter or digit character. Passwords must have at least one lowercase ('a'-'z'). Passwords must have at least one uppercase ('A'-'Z'). " but i can't find this message validation code to modify myself. How can i change it ? Commented Jul 17, 2014 at 7:11
  • 2
    Update : ASP.Net MVC5 Identity2 video tutorial youtube.com/playlist?list=PLQYI2ou09WiRPs55DJ9Q4rxGSgSMNCvNx Commented Jan 31, 2015 at 22:19

2 Answers 2

Reset to default
184

In the MVC project template in VS2013 Update 2, there should be a file called App_Start/IdentityConfig.cs. In it you should find the class ApplicationUserManager and a static factory method called Create(). That's where the user manager class is configured, including the server-side validation rules for passwords are defined. For example:

manager.PasswordValidator = new PasswordValidator
{
    RequiredLength = 6,
    RequireNonLetterOrDigit = true,
    RequireDigit = true,
    RequireLowercase = true,
    RequireUppercase = true,
};
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

One thing to note, the default rules you listed will result in an error for the password Test123 with the message "Passwords must have at least one non letter or digit character." which is very deceiving because it seems that if both RequireNonLetterOrDigit and RequireDigit are true that RequireDigit steals the numeric text and forces the password validation to fail, then tells the user to do something they already did.
RequireNonLetterOrDigit = the password requires a character that is not a letter and not a digit.
How do you override the error text that is returned?
In the new ASP.NET 5, corresponding method couldn't be found. Can you suggest any other way that will work in that?
@It'satrap - In Startup.cs there's a method called ConfigureServices. In there you want you want to modify the services.AddIdentity call to this: services.AddIdentity<ApplicationUser, IdentityRole>(x => { x.Password.RequiredLength = 6; x.Password.RequireUppercase = false; x.Password.RequireLowercase = false; x.Password.RequireNonAlphanumeric = false; }) .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultTokenProviders();
16

In addition to Anthony Chu's answer,

You may also need to change it in Models folder > AccountViewModel.cs > class RegisterViewModel (as well as class ResetPasswordViewModel)

Change "MinimumLength = 6" (need to scroll right)

 [Required]
 [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
 [DataType(DataType.Password)]
 [Display(Name = "Password")]
 public string Password { get; set; }
Improve this answer

2 Comments

In my case I had the code mentioned above in ApplicationUserManager.cs located within the Model folder.
I have set some options to add a user in the Startup.cs file. Part of this is setting the user password. When set here, even after changing the details in both this answer and Anthony's answer. I still get a requirement to put the password at 6 characters long. Even though in both places (and also the ManagerViewModels.cs SetPasswordViewModel and ChangePasswordViewModel classes I set all of them to 2. Is there yet another place where this check is done. I'm using VS2015?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.