I&#039;m trying to build asp pages for users to manage their own accounts. If a user forgets his/her password, I&#039;d like to have them answer some challenge questions (SSN, DOB, etc) and then be able to anonymously unlock their account and/or set a new password.<BR><BR>I&#039;m running IIS4 on NT4 with NT Challege authentication. I have ASPUser installed which can run on the page in the context of an Account Administrator account, but both ASPUser as well as ADSI appear to require entry of the old password before setting a new password. I can understand the security reasons behind this, but are there any alternatives?<BR><BR>(See 15 seconds page saying ADSI requires old password:<BR>http://www.15seconds.com/issue/011127.htm<BR>and ASPUser page including sample code requiring old password:<BR>http://www.aspuser.com/asp_changepassword.htm)<BR><BR>Many thanks,<BR>Rob