Implement Forgot Password functionality in ASPNet using C and VBNet

In this article I will explain and provide code for implementing Forgot Password functionality in ASP.Net using C# and VB.Net.

Using the Forgot Password page, user will be allowed to recover the password using his Email address and then the recovered password will be sent to his registered email address.

This is the fourth article from the series, in my previous articles I have explained Simple User Registration Form Example in ASP.Net, Send user Confirmation email after Registration with Activation Link in ASP.Net and Simple User Login Form example in ASP.Net.

Database

For this article I have created a new database named LoginDB which contains the following table named Users in it.

Implement Forgot Password functionality in ASP.Net using C# and VB.Net

I have already inserted few records in the table.

Note: The SQL for creating the database is provided in the attached sample code.

HTML Markup

The HTML Markup consists of a TextBox for entering email address, a Label for displaying the Success and the Error messages and a Button for triggering the Password recovery process.

Email Address:

<asp:TextBox ID="txtEmail" runat="server" Width = "250" />

<asp:Label ID="lblMessage" runat="server" />

<asp:Button Text="Send" runat="server" OnClick="SendEmail" />

Namespaces

You will need to import the following namespaces.

using System.Net;

using System.Net.Mail;

using System.Drawing;

using System.Configuration;

using System.Data.SqlClient;

VB.Net

Imports System.Net

Imports System.Net.Mail

Imports System.Drawing

Imports System.Configuration

Imports System.Data.SqlClient

Implement Forgot Password functionality in ASP.Net using C# and VB.Net

When the user enters his email address and the Button is clicked the following event handler is executed.

Inside this event handler, a SQL Query is executed on the Login table and the user’s record is fetched using the supplied email address.

If the record is found then the fetched Username and Password is used for sending email to the user and a success message is displayed.

Note: For this example, I have used GMAIL SMTP server, but you are free to use any mail server. For more details please refer Send Email using GMAIL in ASP.Net

In case the record is not found then error message is displayed to the user.

protected void SendEmail(object sender, EventArgs e)

{

string username = string.Empty;

string password = string.Empty;

string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;

using (SqlConnection con = new SqlConnection(constr))

{

using (SqlCommand cmd = new SqlCommand("SELECT Username, [Password] FROM Users WHERE Email = @Email"))

{

cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim());

cmd.Connection = con;

con.Open();

using (SqlDataReader sdr = cmd.ExecuteReader())

{

if (sdr.Read())

{

username = sdr["Username"].ToString();

password = sdr["Password"].ToString();

}

con.Close();

}

if (!string.IsNullOrEmpty(password))

{

MailMessage mm = new MailMessage("sender@gmail.com", txtEmail.Text.Trim());

mm.Subject = "Password Recovery";

mm.Body = string.Format("Hi {0}, Your password is {1}. Thank You.", username, password);

mm.IsBodyHtml = true;

SmtpClient smtp = new SmtpClient();

smtp.Host = "smtp.gmail.com";

smtp.EnableSsl = true;

NetworkCredential NetworkCred = new NetworkCredential();

NetworkCred.UserName = "sender@gmail.com";

NetworkCred.Password = "<Password>";

smtp.UseDefaultCredentials = true;

smtp.Credentials = NetworkCred;

smtp.Port = 587;

smtp.Send(mm);

lblMessage.ForeColor = Color.Green;

lblMessage.Text = "Password has been sent to your email address.";

}

else

{

lblMessage.ForeColor = Color.Red;

lblMessage.Text = "This email address does not match our records.";

}

VB.Net

Protected Sub SendEmail(sender As Object, e As EventArgs)

Dim username As String = String.Empty

Dim password As String = String.Empty

Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString

Using con As New SqlConnection(constr)

Using cmd As New SqlCommand("SELECT Username, [Password] FROM Users WHERE Email = @Email")

cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim())

cmd.Connection = con

con.Open()

Using sdr As SqlDataReader = cmd.ExecuteReader()

If sdr.Read() Then

username = sdr("Username").ToString()

password = sdr("Password").ToString()

End If

End Using

con.Close()

End Using

If Not String.IsNullOrEmpty(password) Then

Dim mm As New MailMessage("sender@gmail.com", txtEmail.Text.Trim)

mm.Subject = "Password Recovery"

mm.Body = String.Format("Hi {0}, Your password is {1}. Thank You.", username, password)

mm.IsBodyHtml = True

Dim smtp As New SmtpClient()

smtp.Host = "smtp.gmail.com"

smtp.EnableSsl = True

Dim NetworkCred As New NetworkCredential()

NetworkCred.UserName = "sender@gmail.com"

NetworkCred.Password = "<Password>"

smtp.UseDefaultCredentials = True

smtp.Credentials = NetworkCred

smtp.Port = 587

smtp.Send(mm)

lblMessage.ForeColor = Color.Green

lblMessage.Text = "Password has been sent to your email address."

Else

lblMessage.ForeColor = Color.Red

lblMessage.Text = "This email address does not match our records."

End If

End Sub

Screenshots

Success and error messages displayed to the user

The email message with the password sent to the user’s email address.

Downloads

Download Code

Implement Forgot Password functionality in ASP.Net using C# and VB.Net

Related

Ask Question

Company

Explore

Follow us

Contact Us