For a web application using ASP.NET Identity, I need to implement password expiration and password history check. BEFORE YOU BID, PLEASE READ BELOW, and make sure that you understand the 2 subtasks.
First task: Override [url removed, login to view] to check if the password is expired (add new SignInStatus : PasswordExpired). LastPasswordChangeDate could/should be maintained in the AspNetUsers table.
Second task: keep a history of password hashes for a given user, so the new password doesn't match the 5 last passwords. I suggest to override [url removed, login to view], but i am not sure this is the best option.
You will demonstrate this extension based on the default ASP.NET C# Web Application (Individual User Accounts) in Visual Studio 2015. NOTE: must be WebForms, not MVC.
A few hints are mentioned on ASP.NET Identity github page:
[url removed, login to view]
Hi I'm c# developer with 12 years experience on .net framework and related tools. I'll override those methods and do password expiration checking. please send a message for me to have discussion about details.