I got this message; "Your new password was not accepted for security reasons. Please choose a password that hasn´t been used before."
We are using DNN Platform v.09.13.02, long time without need to change an user password, so no idea from when this is happens.
User: Locked Out: False Authorized: True
on the Webconfig: enablePasswordRetreival="false" enablePasswordReset="true" passwordFormat="Hashed"
On Settings >> Server >> Clear Cache and them Restart Application
On Chrome browser: Empty Cache and Hard Reload
Nothing help and no idea what else to do, I really apreciate any tip or solution to this issue.
Best,
Juan Tarte
Thanks Will for your help, but I also was considering 5 passwords uses, I´m trying with a complete new one never use, additional this customer was resently create, system send the link but he don´t use it.
I also try to send a reset password link, but same message or similar.
I did it just to make it easy for the customer, changing the password and this issue was same, not allow me to did it.
Well, that's interesting (and odd). 🤔
I haven't experienced this with other use cases like you are. Are you aware of any other environmental things that may be contributing to the issue?
For example, does your site have any specific authentication settings in place? Are you using the core authentication provider or a custom one? Have any of the settings been changed in the web(dot)config?
Posted By JA Tarte on 4/9/2024 7:03 AM After your last replay, I try to change password in other site and works, on this site the one giving me the message I select another user and was able to change the password. The message was only with this user, more but more strange. I recheck all and do not find anything different. Any clue, before proceed to delete this uer and create a new one?
I just found the reason why is happens, on table dbo.aspnet_Membership Email and LoweredEmail was duplicate, I remember i modified this user email, because was not correct, dont remember the steps, to see if can be recreate, I thing maybe and extra control was necessary.
Glad you figured it out! Perhaps it was modified in the database directly or via some non-conventional way? Neither of these approaches are recommended. There is also a setting in DNN that enforces unique email addresses, so that may or may not have been a factor as well.
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.