The profile data are saved on the aspnet_Profile
Table, where each property is dynamic and placed on the PropertyNames
and PropertyValuesString
the value of it.
Each property is connected to the user with the UserId
. This design is logical from the moment asp.net is let you design your custom profile parameters. From the other hand if you have your database, you can create your personal table to keep that information's as you like, with your design.
To reset the password you can use the ResetPassword method that is fully explained on MSDN.
An alternative method that I prefer, but you need to make some more code is, to send the user an e-mail, from the e-mail you send them on a page that actually can write a new password, and you on code behind you reset it as:
MembershipUser mu = Membership.GetUser(UserIdToChangePass);
if (mu != null)
{
string sTemporaryPassword = mu.ResetPassword();
mu.ChangePassword(sTemporaryPassword, txtNewPassword.Text);
}
where txtNewPassword
is a TextBox that the users enter the new password.