Change Password with ASP.Net ChangePassword Control using C# and VB.Net

Hi v@run,

Refer below sample code.

HTML

Name :
<asp:TextBox ID="txtName" runat="server"></asp:TextBox>
<asp:ChangePassword ID="ChangePassword1" runat="server" OnChangingPassword="OnChangingPassword"
    RenderOuterTable="false" NewPasswordRegularExpression="^[\s\S]{5,}$" NewPasswordRegularExpressionErrorMessage="Password must be of minimum 5 characters.">
</asp:ChangePassword>
<br />
<asp:Label ID="lblMessage" runat="server" />
<asp:GridView ID="gvUsers" runat="server" AutoGenerateColumns="false">
    <Columns>
        <asp:BoundField DataField="Name" HeaderText="Name" />
        <asp:BoundField DataField="UserName" HeaderText="UserName" />
        <asp:BoundField DataField="Password" HeaderText="Password" />
    </Columns>
</asp:GridView>

Namespaces

C#

using System.Data.SqlClient;
using System.Configuration;
using System.Data;

VB.Net

Imports System.Data.SqlClient
Imports System.Configuration
Imports System.Data

Code

C#

protected void Page_Load(object sender, EventArgs e)
{
    if (!this.IsPostBack)
    {
        this.BindGrid();
    }
}

private void BindGrid()
{
    string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
    using (SqlConnection con = new SqlConnection(constr))
    {
        using (SqlCommand cmd = new SqlCommand("SELECT TOP 3 Name, UserName,Password FROM Users", con))
        {
            using (SqlDataAdapter da = new SqlDataAdapter(cmd))
            {
                DataTable dt = new DataTable();
                da.Fill(dt);
                this.gvUsers.DataSource = dt;
                this.gvUsers.DataBind();
            }
        }
    }
}

protected void OnChangingPassword(object sender, LoginCancelEventArgs e)
{
    if (!ChangePassword1.CurrentPassword.Equals(ChangePassword1.NewPassword, StringComparison.CurrentCultureIgnoreCase))
    {
        int rowsAffected = 0;
        string query = "UPDATE [users] SET [password] = @NewPassword WHERE [name] = @name AND [password] = @CurrentPassword";
        string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
        using (SqlConnection con = new SqlConnection(constr))
        {
            using (SqlCommand cmd = new SqlCommand(query))
            {
                using (SqlDataAdapter sda = new SqlDataAdapter())
                {
                    cmd.Parameters.AddWithValue("@name", txtName.Text);
                    cmd.Parameters.AddWithValue("@CurrentPassword", ChangePassword1.CurrentPassword);
                    cmd.Parameters.AddWithValue("@NewPassword", ChangePassword1.NewPassword);
                    cmd.Connection = con;
                    con.Open();
                    rowsAffected = cmd.ExecuteNonQuery();
                    con.Close();
                }
            }
            if (rowsAffected > 0)
            {
                lblMessage.ForeColor = Color.Green;
                lblMessage.Text = "Password has been changed successfully.";
            }
            else
            {
                lblMessage.ForeColor = Color.Red;
                lblMessage.Text = "Password does not match with our database records.";
            }

            e.Cancel = true;
        }
    }
    else
    {
        lblMessage.ForeColor = Color.Red;
        lblMessage.Text = "Old Password and New Password must not be equal.";
    }
    this.BindGrid();
}

VB.Net

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs)
        If Not Me.IsPostBack Then
            Me.BindGrid()
        End If
    End Sub

    Private Sub BindGrid()
        Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString

        Using con As SqlConnection = New SqlConnection(constr)

            Using cmd As SqlCommand = New SqlCommand("SELECT TOP 3 Name, UserName,Password FROM Users", con)

                Using da As SqlDataAdapter = New SqlDataAdapter(cmd)
                    Dim dt As DataTable = New DataTable()
                    da.Fill(dt)
                    Me.gvUsers.DataSource = dt
                    Me.gvUsers.DataBind()
                End Using
            End Using
        End Using
    End Sub

    Protected Sub OnChangingPassword(ByVal sender As Object, ByVal e As LoginCancelEventArgs)
        If Not ChangePassword1.CurrentPassword.Equals(ChangePassword1.NewPassword, StringComparison.CurrentCultureIgnoreCase) Then
            Dim rowsAffected As Integer = 0
            Dim query As String = "UPDATE [users] SET [password] = @NewPassword WHERE [name] = @name AND [password] = @CurrentPassword"
            Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString

            Using con As SqlConnection = New SqlConnection(constr)

                Using cmd As SqlCommand = New SqlCommand(query)

                    Using sda As SqlDataAdapter = New SqlDataAdapter()
                        cmd.Parameters.AddWithValue("@name", txtName.Text)
                        cmd.Parameters.AddWithValue("@CurrentPassword", ChangePassword1.CurrentPassword)
                        cmd.Parameters.AddWithValue("@NewPassword", ChangePassword1.NewPassword)
                        cmd.Connection = con
                        con.Open()
                        rowsAffected = cmd.ExecuteNonQuery()
                        con.Close()
                    End Using
                End Using

                If rowsAffected > 0 Then
                    lblMessage.ForeColor = Color.Green
                    lblMessage.Text = "Password has been changed successfully."
                Else
                    lblMessage.ForeColor = Color.Red
                    lblMessage.Text = "Password does not match with our database records."
                End If

                e.Cancel = True
            End Using
        Else
            lblMessage.ForeColor = Color.Red
            lblMessage.Text = "Old Password and New Password must not be equal."
        End If

        Me.BindGrid()
    End Sub

Screenshot