>>>Hi,
>>>
>>>is there a UI built into the framework to allow a user to change their password?
>>
>>Not a built in UI for that, but you can implement a form to do it easy enough.
>>Tim
>
>Tim,
>
>I need a nudge in the right direction, please. I can't find any reference in the help file as to how to access the currently logged in User. I am assuming that one exists. I need this so that I can authenticate the user against the entered password before allowing the password to be changed. I figured I'd need something like this:
>
>

if oCurrentUser.Authenticate(password)
>   // then I can change the password (after other checks of course

Hi Frank,

The current user is stored in a session object as mmUserSecurity_UserPK
Here is some code I have in one page I did a long time ago to display the current user in the page.

object UserPk = Session["mmUserSecurity_UserPk"];

DataSet dsUser = mmAppBase.SecurityMgr.oUser.GetUserByPK(UserPk);
string userFirstName = dsUser.Tables[0].Rows[0]["FirstName"].ToString();
string userLastName = dsUser.Tables[0].Rows[0]["LastName"].ToString();

this.lblCurrentMember.Text = "Welcome: " + userFirstName + " " + userLastName;

The other thing is protect or secure the page to change their password so they can't do it unless they are already authenticated. Then make them enter the old password and the new one twice. That way you have lots of checks to make sure you are changing the correct user and password.
Tim