Force Reset Password in Sitecore CMS

Problem Statement:

When a user logs into the Sitecore CMS, the system will first check the age of the user's password. If the password is less than 60 days old, the user will be redirected to the Sitecore CMS dashboard.

However, if the password is 60 days or older, the user will be redirected to the "Change Password" page. This page includes fields for:

  • The current password
  • A new password
  • Confirmation of the new password

Then user must enter their current password, input a new password, and confirm it. The system will validate the entries:

  • If the validation is successful, the user's password will update.
  • Then user will be redirected to the login page and sign in with the new password.

Solution:

To have a solution to this you need to write a pipeline and processor within your project that handles the logic of password expiration.

Step 1: Create a Custom Pipeline and Processor:

Write a custom pipeline and processor that will retrieve the logged-in user details. From the details, you can compare the password age on the basis of the user property called LastPasswordChangedDate to the current date.


Step 2: Custom Change Password Page:

Create/design a custom change password aspx page and write a logic to check the length/complexity of the password, error handling with current, new, and confirmation passwords, and change/set the password using Membership.Provider.ChangePassword method.

You can enhance the security and logic as per your requirement, in the below snippet I am writing simple logic to reset the password.

azure-cdn-sitecore

Happy Sitecoreing ðŸ˜Š

Comments

Popular posts from this blog

Sitecore Installation Error: Failed to Start Service 'Sitecore Marketing Automation Engine'

Import CSV Data in Sitecore Using PowerShell: Part-3

Sitecore : The database principal owns a schema in the database, and cannot be dropped message