Implement Change Password in ASP.Net using C# and VB.Net

Hi v@run,

Please refer below sample.

HTML

<div class="container">
    <div class="row">
        <div class="col-md-6">
            <div class="form-group">
                <asp:TextBox ID="txtName" runat="server" CssClass="form-control" placeholder="Enter Name"></asp:TextBox>
                <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" Display="Dynamic"
                    ErrorMessage="Please Enter Old Password" CssClass="val" ControlToValidate="txtName"
                    ValidationGroup="cp"></asp:RequiredFieldValidator>
            </div>
            <div class="form-group">
                <asp:TextBox ID="txtoldpwd" runat="server" CssClass="form-control" placeholder="Enter Old Password"></asp:TextBox>
                <asp:RequiredFieldValidator ID="RequiredFieldValidator13" runat="server" Display="Dynamic"
                    ErrorMessage="Please Enter Old Password" CssClass="val" ControlToValidate="txtoldpwd"
                    ValidationGroup="cp"></asp:RequiredFieldValidator>
            </div>
            <div class="form-group">
                <asp:TextBox ID="txtnewpwd" runat="server" CssClass="form-control" placeholder="Enter New Password"></asp:TextBox>
                <asp:RequiredFieldValidator ID="RequiredFieldValidator16" runat="server" Display="Dynamic"
                    ErrorMessage="Please Enter New Password" CssClass="val" ControlToValidate="txtnewpwd"
                    ValidationGroup="cp"></asp:RequiredFieldValidator>
            </div>
            <div class="form-group">
                <asp:Button ID="btnchangepassword" runat="server" Text="Change Password" CssClass="form-control btn-success"
                    OnClick="btnchangepassword_Click" ValidationGroup="cp" />
            </div>
            <div class="form-group">
                <div class="alert alert-success" id="cpsuccess" runat="server" visible="false">
                    Password Changed Successfully</div>
            </div>
            <div class="form-group">
                <div class="alert alert-warning" id="cpnotsuccess" runat="server" visible="false">
                    please Enter Correct Old Password</div>
            </div>
            <br />
            <asp:GridView ID="gvUsers" runat="server" AutoGenerateColumns="false">
                <Columns>
                    <asp:BoundField DataField="Name" HeaderText="Name" />
                    <asp:BoundField DataField="UserName" HeaderText="UserName" />
                    <asp:BoundField DataField="Password" HeaderText="Password" />
                </Columns>
            </asp:GridView>
        </div>
    </div>
</div>

Namespaces

C#

using System.Data.SqlClient;
using System.Data;
using System.Configuration;

VB.Net

Imports System.Data.SqlClient
Imports System.Data

Code

C#

protected void Page_Load(object sender, EventArgs e)
{
    if (!this.IsPostBack)
    {
        BindGrid();
    }
}

private void BindGrid()
{
    string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
    using (SqlConnection con = new SqlConnection(constr))
    {
        using (SqlCommand cmd = new SqlCommand("SELECT TOP 3 Name, UserName,Password FROM Users", con))
        {
            using (SqlDataAdapter da = new SqlDataAdapter(cmd))
            {
                DataTable dt = new DataTable();
                da.Fill(dt);
                this.gvUsers.DataSource = dt;
                this.gvUsers.DataBind();
            }
        }
    }
}

protected void btnchangepassword_Click(object sender, EventArgs e)
{
    string name = txtName.Text;
    string oldpwd = txtoldpwd.Text;
    string newpwd = txtnewpwd.Text;
    string checkpwd = CheckOldPassword(name, oldpwd);
    if (checkpwd == oldpwd)
    {
        UpdatePassword(name, newpwd);
        cpsuccess.Visible = true;
        cpnotsuccess.Visible = false;
        txtnewpwd.Text = "";
        txtoldpwd.Text = "";
    }
    else
    {
        txtnewpwd.Text = "";
        txtoldpwd.Text = "";
        cpsuccess.Visible = false;
        cpnotsuccess.Visible = true;
    }
    BindGrid();
}

public string CheckOldPassword(string name, string oldpwd)
{
    string oldpwdfromdb = "";
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["constr"].ConnectionString);
    string query = "select Password from Users where Name=@name";
    SqlCommand cmd = new SqlCommand(query, con);
    cmd.Parameters.AddWithValue("@name", txtName.Text);
    SqlDataAdapter da = new SqlDataAdapter(cmd);
    DataSet ds = new DataSet();
    da.Fill(ds);
    con.Close();

    if (ds.Tables[0].Rows.Count > 0)
    {
        for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
        {
            oldpwdfromdb = ds.Tables[0].Rows[i]["password"].ToString();

        }
    }
    con.Close();
    return oldpwdfromdb;
}

public void UpdatePassword(string name, string newpwd)
{
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["constr"].ConnectionString);
    SqlCommand cmd = new SqlCommand("UPDATE Users  SET password = @password WHERE name=@name");
    cmd.Parameters.AddWithValue("@password", newpwd);
    cmd.Parameters.AddWithValue("@name", name);
    cmd.Connection = con;
    con.Open();
    cmd.ExecuteNonQuery();
    con.Close();
}

VB.Net

Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
    If Not Me.IsPostBack Then
        BindGrid()
    End If
End Sub

Private Sub BindGrid()
    Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
    Using con As SqlConnection = New SqlConnection(constr)
        Using cmd As SqlCommand = New SqlCommand("SELECT TOP 3 Name, UserName,Password FROM Users", con)
            Using da As SqlDataAdapter = New SqlDataAdapter(cmd)
                Dim dt As DataTable = New DataTable()
                da.Fill(dt)
                Me.gvUsers.DataSource = dt
                Me.gvUsers.DataBind()
            End Using
        End Using
    End Using
End Sub

Protected Sub btnchangepassword_Click(ByVal sender As Object, ByVal e As EventArgs)
    Dim name As String = txtName.Text
    Dim oldpwd As String = txtoldpwd.Text
    Dim newpwd As String = txtnewpwd.Text
    Dim checkpwd As String = CheckOldPassword(name, oldpwd)

    If checkpwd = oldpwd Then
        UpdatePassword(name, newpwd)
        cpsuccess.Visible = True
        cpnotsuccess.Visible = False
        txtnewpwd.Text = ""
        txtoldpwd.Text = ""
    Else
        txtnewpwd.Text = ""
        txtoldpwd.Text = ""
        cpsuccess.Visible = False
        cpnotsuccess.Visible = True
    End If

    BindGrid()
End Sub

Public Function CheckOldPassword(ByVal name As String, ByVal oldpwd As String) As String
    Dim oldpwdfromdb As String = ""
    Dim con As SqlConnection = New SqlConnection(ConfigurationManager.ConnectionStrings("constr").ConnectionString)
    Dim query As String = "select Password from Users where Name=@name"
    Dim cmd As SqlCommand = New SqlCommand(query, con)
    cmd.Parameters.AddWithValue("@name", txtName.Text)
    Dim da As SqlDataAdapter = New SqlDataAdapter(cmd)
    Dim ds As DataSet = New DataSet()
    da.Fill(ds)
    con.Close()
    If ds.Tables(0).Rows.Count > 0 Then

        For i As Integer = 0 To ds.Tables(0).Rows.Count - 1
            oldpwdfromdb = ds.Tables(0).Rows(i)("password").ToString()
        Next
    End If
    con.Close()
    Return oldpwdfromdb
End Function

Public Sub UpdatePassword(ByVal name As String, ByVal newpwd As String)
    Dim con As SqlConnection = New SqlConnection(ConfigurationManager.ConnectionStrings("constr").ConnectionString)
    Dim cmd As SqlCommand = New SqlCommand("UPDATE Users  SET password = @password WHERE name=@name")
    cmd.Parameters.AddWithValue("@password", newpwd)
    cmd.Parameters.AddWithValue("@name", name)
    cmd.Connection = con
    con.Open()
    cmd.ExecuteNonQuery()
    con.Close()
End Sub

Screenshot