public override string ResetPassword(string username, string answer) { if (!EnablePasswordReset) throw new NotSupportedException("Password reset is not enabled."); if (string.IsNullOrEmpty(answer) && RequiresQuestionAndAnswer) { UpdateFailureCount(username, "passwordAnswer"); throw new ProviderException("Password answer required for password reset."); } string newPassword = System.Web.Security.Membership.GeneratePassword(NEW_PASSWORD_LENGTH, MinRequiredNonAlphanumericCharacters); ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true); OnValidatingPassword(args); if (args.Cancel) { if (args.FailureInformation != null) throw args.FailureInformation; else throw new MembershipPasswordException("Reset password canceled due to password validation failure."); } string res = string.Empty; using (Database db = new MySqlDatabase()) { res = db.ResetPassword( username, _applicationName, answer, newPassword, PasswordAttemptWindow, RequiresQuestionAndAnswer, PasswordFormat, MaxInvalidPasswordAttempts, this); } if (!string.IsNullOrEmpty(res)) return newPassword; throw new MembershipPasswordException("User not found, or user is locked out. Password not reset."); }