/// <summary>
        /// Change Users password Question and Answer
        /// </summary>
        /// <param name="username">Username to change Q&A for</param>
        /// <param name="password">Password</param>
        /// <param name="newPasswordQuestion">New question</param>
        /// <param name="newPasswordAnswer">New answer</param>
        /// <returns> Boolean depending on whether the change was successful</returns>
        public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
        {
            // Check arguments for null values
            if ((username == null) || (password == null) || (newPasswordQuestion == null) || (newPasswordAnswer == null))
            {
                throw new ArgumentException("Username, Password, Password Question or Password Answer cannot be null");
            }

            UserPasswordInfo currentPasswordInfo = UserPasswordInfo.CreateInstanceFromDB(this.ApplicationName, username, false, this.UseSalt);

            newPasswordAnswer = YafMembershipProvider.EncodeString(newPasswordAnswer, currentPasswordInfo.PasswordFormat, currentPasswordInfo.PasswordSalt, this.UseSalt);

            if (currentPasswordInfo != null && currentPasswordInfo.IsCorrectPassword(password))
            {
                try
                {
                    DB.ChangePasswordQuestionAndAnswer(this.ApplicationName, username, newPasswordQuestion, newPasswordAnswer);
                    return(true);
                }
                catch
                {
                    // will return false...
                }
            }

            return(false);            // Invalid password return false
        }
        /// <summary>
        /// Validates a user by user name / password
        /// </summary>
        /// <param name="userName">Username</param>
        /// <param name="userName">Password</param>
        /// /// <returns>True/False whether username/password match what is on database.</returns>
        public override bool ValidateUser(string username, string password)
        {
            UserPasswordInfo currentUser = UserPasswordInfo.CreateInstanceFromDB(this.ApplicationName, username, false, this.UseSalt);

            if (currentUser != null && currentUser.IsApproved)
            {
                return(currentUser.IsCorrectPassword(password));
            }

            return(false);
        }
        /// <summary>
        /// Change Users password
        /// </summary>
        /// <param name="username">Username to change password for</param>
        /// <param name="oldpassword">Password</param>
        /// <param name="newPassword">New question</param>
        /// <returns> Boolean depending on whether the change was successful</returns>
        public override bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            string newPasswordSalt = string.Empty;
            string newEncPassword  = string.Empty;

            // Clean input

            // Check password meets requirements as set by Configuration settings
            if (!(this.IsPasswordCompliant(newPassword)))
            {
                return(false);
            }

            UserPasswordInfo currentPasswordInfo = UserPasswordInfo.CreateInstanceFromDB(this.ApplicationName, username, false, this.UseSalt);

            // validate the correct user information was found...
            if (currentPasswordInfo == null)
            {
                return(false);
            }

            // validate the correct user password was entered...
            if (!currentPasswordInfo.IsCorrectPassword(oldPassword))
            {
                return(false);
            }

            // generate a salt if desired...
            if (UseSalt)
            {
                newPasswordSalt = YafMembershipProvider.GenerateSalt();
            }
            // encode new password
            newEncPassword = YafMembershipProvider.EncodeString(newPassword, ( int )this.PasswordFormat, newPasswordSalt, this.UseSalt);

            // Call SQL Password to Change
            DB.ChangePassword(this.ApplicationName, username, newEncPassword, newPasswordSalt, ( int )this.PasswordFormat, currentPasswordInfo.PasswordAnswer);

            // Return True
            return(true);
        }