if oCurrentUser.Authenticate(password) > // then I can change the password (after other checks of courseHi Frank,
object UserPk = Session["mmUserSecurity_UserPk"]; DataSet dsUser = mmAppBase.SecurityMgr.oUser.GetUserByPK(UserPk); string userFirstName = dsUser.Tables[0].Rows[0]["FirstName"].ToString(); string userLastName = dsUser.Tables[0].Rows[0]["LastName"].ToString(); this.lblCurrentMember.Text = "Welcome: " + userFirstName + " " + userLastName;The other thing is protect or secure the page to change their password so they can't do it unless they are already authenticated. Then make them enter the old password and the new one twice. That way you have lots of checks to make sure you are changing the correct user and password.