Last post Aug 28, 2016 07:25 AM by Chris Zhao
Aug 18, 2016 03:53 PM|MinglongC|LINK
We are using asp.net Identity 2.0.
When send the user a password reset link in an email, is it necessary to use SSL enabled email?
Is it still secure without using SSL email?
Aug 19, 2016 10:39 AM|Chris Zhao|LINK
Visit the link below to get detailed steps for that.
Aug 19, 2016 12:03 PM|MinglongC|LINK
Thanks for answer Chris.
My application is using asp.net Forms and is already SSL only.
But my question is specifically about emailing the password reset link to the user when using asp.net identity.
Is it required to use SSL enabled email when sending the password reset link?
For example, some sample code has the statement "smtpClient.EnableSsl = true" when setting up the email client; some don't. So I am not sure.
What most people normally do?
Aug 22, 2016 01:01 PM|jagan12013|LINK
To Send an EMAIL using System.Net.Mail and SSL you must use the port no : 587.
While Sending an Email we need to enable the SSL from Client side.
The System.Net.Mail or smtpclient class does not support Implicit SSL.
Its support explicit SSL which requires an insecure connection to the SMTP server.
First Establish a SSL Connection then excute the SMTP transaction.
Aug 22, 2016 02:01 PM|MinglongC|LINK
Sorry, my question is: If it is necessary to use SSL enabled email to send the password reset link to the user, not how to send an SSL email.
Aug 28, 2016 07:25 AM|Chris Zhao|LINK
If SMTP server you are connecting is required SSL, you must enable it.
The default value for SmtpClient.EnableSsl Property is false. The EnableSsl property specifies whether SSL is used to access the specified SMTP mail server.
Specify whether the SmtpClient uses Secure Sockets Layer (SSL) to encrypt the connection.
For more details,
read the Remarks section of the docs on MSDN.