Even though we have customized the registration email sent from our extranet sites to external users, a number of them miss the bolded type where it states the requirements for the password.
It was suggested that we change the registration page so that it too details the requirements for a password. (I'm guessing so that it can be ignored twice!)
And, even if the user misses this note too, and types in a password not meeting requirements, when it goes to the error page where now it just says "InvalidPassword", can i add a line stating the password requirements yet again?
Anyway, do you have any recommendations on how to do this and any "gotchas" to avoid?
Thanks, in advance,
Currently ExCM does not provide a way to validate passwords that do not match the membership provides passwordStrenghRegularExpression. This is something we plan to include in the next ExCM release for SharePoint 2010. In the mean time you can add the validation logic specific to your environment by making a small edit to the '12\Template\Layouts\SPSolutions\Delegation\Register.aspx' page. You can perform validation on your passwords by adding a InputFormRegularExpressionValidator control to perform validation on your password text box. You can see an example of a InputFormREgularExpressionValidator in bold below...
<wssawc:InputFormTextBox ID="PasswordTextBox" TextMode="Password" Columns="35" Runat="server" class="ms-input" MaxLength=255 />
<wssawc:InputFormRequiredFieldValidator ControlToValidate="PasswordTextBox" ToolTip="<%$Resources:del,AddUserToAuthStore_PasswordValidator_ToolTip %>" ErrorMessage="<%$Resources:del,AddUserToAuthStore_PasswordValidator_ErrorMessage %>" BreakBefore="True" runat="server" />
<wssawc:InputFormCustomValidator ControlToValidate="PasswordTextBox" OnServerValidate="PasswordMatch_ServerValidate" ErrorMessage="<%$Resources:del,PasswordsDoNetMatch_ErrorMessage %>" BreakBefore="True" runat="server" />
<wssawc:InputFormRegularExpressionValidator ControlToValidate="PasswordTextBox" ValidationExpression="..Your Expression Here.." ErrorMessage="The password provided was invalid." runat="server" />
Modify the ValidationExpression and ErrorMessage to match your company's password policy. Typically you can get the ValidationExpression from the membership provider's passwordStrengthRegularExpression found in your web.config file. Please note this is an unsupported operation and be aware that ExCM updates may override your custom changes so please make a backup copy of your Register.aspx page.
Manager, Software Production
If you are just looking to add some additional password information to the Register.aspx page this is supported using the <extranet /> web.config sections. By modifying the <extranet /> section you can add a password message and password example. The password message and password example will be displayed on all pages that require password input. This list includes register, change password, forgot password and add user. See the documentation below for the details...
(ExCM web.config Elements)
Manager, Software Production