public ActionResult PasswordRetrieval(Models.PasswordRetrievalModel pr) { if (ModelState.IsValid) { using (var db = new MainDbEntities()) { var crypto = new SimpleCrypto.PBKDF2(); if (pr.ConfirmEmail.Equals(pr.Email)) { int start = 100000; int end = 900000; int rand; User sysUser = db.Users.FirstOrDefault(m => m.UserName == pr.UserName); Random rnd = new Random(); rand = rnd.Next(start, end); sysUser.Password = crypto.Compute(rand.ToString()); sysUser.PasswordSalt = crypto.Salt; db.SaveChanges(); Emailer email = new Emailer(); email.ChangePasswordEmail(pr.UserName, pr.Email, rand.ToString()); } return RedirectToAction("PasswordChangeOk", "Account"); } } return View(); }