Change Password

View this page for | |

This workflow can take place when the end user wants/needs to change their password as part of the standard application usage.

Password change can be mandated at regular intervals if the password policy specifies a maxAge value for instance. Use currentAge to determine the time since previous change password.

Note: Password expiration (maxAge) is ignored when the SilentLockPolicy is configured for use.

Perform the usual steps to get the Container instance.

Perform the usual steps to get the Container instance.

  1. Create an instance of the Device (DeviceFactory.GetDevice).
  2. Get the instance of the Container (IDevice.FindContainers).
  3. At this point, depending on the server configuration, either:
    • Get the container policy (IContainer.GetProtectionPolicy).

    Or

    • Find the key whose password needs to be changed (IContainer.FindKeys) and its protection policy (IKey.GetProtectionPolicy).
  4. Prompt the end user for the old and new passwords, and change it (IPasswordPolicy.ChangePassword).
  5. If the current password is correct and the new password matches the Protection Policy, then the operation is successful and the password is changed. Otherwise, an error is returned/thrown.

Sample Change Password on Windows (C#)

Copy 
// We assume that you have already provisioned a container.

bool isSuccessfull = false;
// You can check the policy protecting the container, or alternatively a policy protecting a key.
// Unless a specific configuration is used, they will be the same.

// ChangePassword operation only applies to PASSWORD or BIOPASSWORD
var policy = await container.GetProtectionPolicy() as IProtectionPolicy;
if (policy.Type.Equals(ProtectionPolicyType.Password) ||
    policy.Type.Equals(ProtectionPolicyType.BioPassword))
{
    isSuccessfull = await ((IPasswordPolicy)policy).ChangePassword(oldPassword, newPassword);
}