Change error message for locked out user in PasswordRecovery control

Question

I use the ASP.NET PasswordRecovery control in combination with the standard membership provider. A locked out user gets the confusing error message

We were unable to access your information. Please try again.

I want to change this message, but find no way. The properties XXXFailureText especially GeneralFailureText contain over strings. There seems to be a hidden text used for this special kind of error I can't change using a property.

Answer 1

This was causing me a headache too, until I tried this. I added code to the VerifyingUser event to set the UserNameFaileurText if the user was locked out and it worked great, that is the error message was exactly what I wanted it to be.

 protected void PasswordRecovery1_VerifyingUser(object sender, LoginCancelEventArgs e)
{
    MembershipUser membershipUser = Membership.GetUser(PasswordRecovery1.UserName);
    if (membershipUser != null && membershipUser.IsLockedOut)
    {
        PasswordRecovery1.UserNameFailureText = string.Format("<span style='font-            size:larger'>Your account has been locked. Please contact<br/>your <a href='mailto:webmanager@aaa.co.uk?subject=Locked Account - {0}'>system administrator</a>.</span>", PasswordRecovery1.UserName);
    }
}

Answer 2

Are you using a custom membership provider? This error can be cause by a partially implemented membership provider.

You also need to check you web.config settings. make sure that something like this is set:

enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false"

As well as check they your mailsettings/smtp section is setup properly with a 'from' email address.

<mailSettings>
  <smtp from="noreply@mysite.com">
    <network host="mysite.smtp.server" port="25"/>
  </smtp>
</mailSettings>

or set the 'from' in PasswordRecovery

<asp:PasswordRecovery runat="server">
    <MailDefinition From="passwordrecovery@mysite.com">
    </MailDefinition>
</asp:PasswordRecovery>

btw, your specified error message is the default UserNameFailureText. http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.passwordrecovery.usernamefailuretext.aspx

If all else fails, you could hijack the events and cancel them, then show your own error message. Specially the UserLookupError and the other *Error events. http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.passwordrecovery_events.aspx

Answer 3

In the properties window of the control there is a field for the text displayed that you can change