OK. Figured it out. The approach I was taking was wrong. There's no need to setup another web.config
in the Admin subfolder. You basically need to add a second MembershipProvider to your root level web.config
, with a different name of course, and set requiresQuestionAndAnswer
to false
for it. In the <membership>
node, you can set defaultProvider="NAME_OF_YOUR_FIRST_PROVIDER"
to ensure security.
Then in your code, you can do the following to reset user's password without requiring question/answer thing.
MembershipUser mu = Membership.Providers["NAME_OF_YOUR_SECOND_PROVIDER"].GetUser(<USERNAME>, false);
if (mu != null)
string NewPwd = mu.ResetPassword();