Press Ctrl / CMD + C to copy this to your clipboard.
This post will be reported to the moderators as potential spam to be looked at
I am working on a client's website, and unfortunately I've never had the pleasure of working with Umbraco before. My only knowledge is in some CSS, HTML, and in Wordpress CMS.
I'm trying to find a way to change password requirements on the admin login page. I am no C# programmer, but based off my review, it looks like you need that knowledge?
Can someone please help me? Please?
Does anyone have any suggestions for this code?
"Right click here to inspect element
What exactly do you mean? Are you trying to change the requirements (as in complexity) for the back office users (i.e. users logging into Umbraco) or for the front end users (visitors to the website) ?
If you are trying to change the password complexity requirements there are two settings that I'm aware of, one for the minimum number of required non-alphanumeric characters and one for the minimum length requirement.
These are set in the Web config file against the membership providers (one exists for the back office and one exists for the front end users). Search the file for '
Thanks for the reply nik. Umbraco 4 is what the client is using. This is the complexity of the passwords for the administrators. By default on a freshly installed umbraco 4 it would be websitename/umbraco. I remember looking into the config file also, just not sure exactly how to change it. Do you have any examples of code that I can see that show what others have done to change theirs?
I cant paste the code from it tonight. But I will have access to it again tomorrow.
Unfortunately, I'm not able to help with Umbraco 4. I've had no experience with using it. The configuration setup for it may well be different from what I've explained above. Hopefully, someone else might be able to shed some light on to it for you.
Maybe so, but at this point anything is helpful. Even like what you would type in the config file for 6. The password requirements are bound to be similiar.
There seriously needs to be a tutorial on setting it. I have seen many posts about it, but there isnt enough for me to understand it...
Sorry, just dont have any experience with this kind of code.
In v7 and I think v6 you would modify one of the two following lines in the web.config file, depending on if you want to change Member or Users where Users are backoffice admins/editors.
<add name="UmbracoMembershipProvider" type="Umbraco.Web.Security.Providers.MembersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="6" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Member" passwordFormat="Hashed" maxInvalidPasswordAttempts="10" />
<add name="UsersMembershipProvider" type="Umbraco.Web.Security.Providers.UsersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="6" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordFormat="Hashed"/>
Hope that helps a bit.
This does help! Now the last thing I need help with is what code to actually write. Can i write passwordmin=4; passwordmax=9;? What will work?
Here's a link to a list of parameters that can be used. https://msdn.microsoft.com/en-us/library/ms998347.aspx#paght000022_sqlmembershipproviderconfig
Ok I think I'm getting the hang of it here. I am just not sure why it's not working. When I try logging in and failing over 20 times it doesn't lock out. I can still login easy and quickly. Can you help? Here's what I have so far:
<add name="UsersMembershipProvider" type="umbraco.providers.UsersMembershipProvider" maxInvalidPasswordAttempts="3" passwordAnswerAttemptLockoutDuration="30" passwordAttemptWindow="5" minRequiredPasswordLength="8" minRequiredNonalphanumericCharacters="1" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" passwordFormat="Hashed" />
<add name="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" maxInvalidPasswordAttempts="3" passwordAnswerAttemptLockoutDuration="30" passwordAttemptWindow="5" minRequiredPasswordLength="8" minRequiredNonalphanumericCharacters="1" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Another Type" passwordFormat="Hashed" />
Thanks again for all of your help so far. This has been very helpful.
If you are testing this with the master admin account, I have a feeling you cannot lock it out. The reason I suspect this to be the case is that other users can't generally see the master admin account so wouldn't be able to unlock it should it get locked.
Try creating a second "admin" user and seeing if that user locks out or not.
Just checked with other users.
It seems it does this regardless of the profile of the end user.
Admin; Editor; Writer; [Translator]; [Publisher]; [Auditor]
I also tried creating an administrator and it still has the same effect... Any suggestions?
Perhaps it may be better to try to upgrade the system altogether. Maybe that may fix whatever issues we are having right now. But before I go that route, do you guys know is it more stable to set password requirements in the later versions?
The only thing different between my webconfig file and the latest version is this:
(LATEST VERSION OF UMBRACO)
(CURRENTLY IN USE)
Doesn't work. It's for something that isn't in Umbraco 4.
is working on a reply...
Write your reply to:
Image will be uploaded when post is submitted