User unable to login ...

We have a small ASP.NET 2.0 application - it uses the built-in security
model - membership provider - stored in SQL Server ...

A user called a while ago complaining that he was unable to login - I
checked - the user was not locked out, I reset the failed password
attempts - both count and windowstart - just incase that was affecting it
.... I also checked when the user had last changed password - and the user
had never changed password ... is there something else that I did not look
for? The application is really simple, so I just re-created the user account
and re-assigned role permissions - we don't really use it for anything other
than authentication and site-map security trimming ... but I am most curious
as to why this user was being denied access.

One other point to note is that when I attempted to change the password, it
appeared that it was not being accepted - the old password, i.e. -
indicating that the password had been changed - but how? The only way for
the admins to change the password is through the GUI - and doesn't the
change password control automatically update the date the password was last
changed on?

If anyone has answers, I would really appreciate it.

Thank you,

Rohan


.

Quantcast