How do I control the format MembershipUser.ResetPassword()
You may want to do this in two steps, as identified by Mark Fitzpatrick here: http://bytes.com/groups/net-asp/689452-how-reset-users-password-without-having-use-passwordrecovery#post2740740
First Reset the password, then immediately change it to a format of your liking. Obviously using a fixed string as in Mark's example would NOT be recommended - you'd want to implement some random string generator.
user.ChangePassword(user.ResetPassword(), MyMethodToGenerateRandomPassword());
Today you can also use the Membership.GeneratePassword
method and pass a MinRequiredPasswordLength
or use the property already defined in Web.config like this:
var newPassword = // 0 = Number of non alphanumeric characters Membership.GeneratePassword(Membership.MinRequiredPasswordLength, 0); user.ChangePassword(user.ResetPassword(), newPassword);
Have a look at this article - Changing the autogenerated password format in the SqlMembershipProvider.
I came up with a quick way to hack the SqlMembershipProvider to generate less complex passwords, and it was as simple as creating a new provider class that inherits from SqlMembershipProvider, then overriding the GeneratePassword method.
This is not a fully resolved solution but it might help.