Your application uses ASP.NET Core Identity for authentication. During the security audit, it was pointed out that the application should enforce password reset every 90 days. How can you enforce this in ASP.NET Core?

  • Configure password expiration in IdentityOptions
  • Create a custom middleware to force password reset
  • Implement a password reset policy in the login controller
  • Use a third-party identity management library
To enforce password reset every 90 days in ASP.NET Core Identity, you should configure the password expiration policy in the IdentityOptions during application startup. This policy can be set to require users to change their passwords after a specified number of days.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *