'ASP.NET Core Identity prevent user from using same password
I have a project where I am using ASP.NET Core Identity (with IdentityServer4) for user authentication.
When I use ChangePasswordAsync
to change password, it is allowing the new password to be the same as the current password. Is there a way to prevent this?
Solution 1:[1]
Adding a custom password validator in which you can do a Login-Request with username + the new password.
If this Login is successful then the password hasn't changed.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | Kay Meister |