Quote：

 smt.UseDefaultCredentials = true; 

如果 UseDefaultCredentials属性 [ ^ ]设置为 true ，忽略凭据属性。 SmtpClient 将尝试使用当前登录用户的默认凭据进行身份验证。只有当您使用属于AD域的邮件服务器时，这才有效。



该属性应设置为 false 代替。



将SMTP设置存储在配置文件中会更容易，而不是对它们进行硬编码：

system.net / mailSettings / smtp / network [ ^ ]

 <   configuration  >  
<   system.net  >  
<   mailSettings  >  
<   smtp     deliveryMethod   =  网络 >  
 <   network   
  
                                          host   =  smtp.gmail.com    port   =  587    enableSsl   =  true  
  
                                          defaultCredentials   =  false  
  
                                          userName   =  myMail@gmail.com  
  
                                         密码  =  Y0urP @ ssw0rd！  
  
                                  /  >  
<   / smtp  >  
&lt ;   / mailSettings  >  
<   / system.net  >  
<   / configuration  >  

 SmtpClient smt =  new  SmtpClient（）; 
 smt.Send（msg）; 

HOWEVER ，正如我在评论中提到的，你应该从不商店密码以纯文本格式，永远在电子邮件中发送用户密码。您应该只使用每条记录的唯一盐来存储用户密码的盐渍哈希值。



安全密码认证简单解释 [ ^ ]

Salted Password Hashing - 正确行事 [ ^ ]



如果用户忘记了密码，则无需向他们发送现有密码。相反，向他们发送一次性使用链接，让他们将密码重置为其他内容。



您想要了解的有关构建安全密码重置功能的所有内容 [ ^ ]

Hi, I am trying to right a code that can get email and password from a data table use button click event. I want to check if the email submitted by user and the one fetched from data table are the same then sent password by mail, but I am not getting what I want.

The error message says:

Quote:

Message=The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required

below is my code:

protected void eMailSubmit_Click(object sender, EventArgs e)
        {
            string username = "";
            string password = "";
            SqlConnection con = new SqlConnection(@"Data Source=My_DataBae;Integrated Security=False;");
            SqlCommand cmd = new SqlCommand("SubmitEmail", con);
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@Email", SqlDbType.NVarChar).Value = TextBoxSubmiteMail.Text;
            con.Open();
            SqlDataReader sdr = cmd.ExecuteReader();
            {

                if (sdr.Read())
                {
                    username = sdr["username"].ToString();
                    password = sdr["password"].ToString();

                    
                }

            }
            con.Close();

           if (username != TextBoxSubmiteMail.Text)
            {
                lblemailSubmit.Text = "The submitted eMail does not belong to this account, check the eMail and try again";
            }
            else if (!string.IsNullOrEmpty(password)) {  
            MailMessage msg = new MailMessage();  
            msg.From = new MailAddress("myMail@gmail.com");  
            msg.To.Add(TextBoxSubmiteMail.Text);  
            msg.Subject = " Recover your Password";  
            msg.Body = ("Your Username is:" + username + "<br/><br/>" + "Your Password is:" + password);  
            msg.IsBodyHtml = true;  
  
            SmtpClient smt = new SmtpClient();  
            smt.Host = "smtp.gmail.com";  
            System.Net.NetworkCredential ntwd = new NetworkCredential();  
            ntwd.UserName = "myMail@gmail.com"; //Your Email ID  
            ntwd.Password = ""; // Your Password  
            smt.UseDefaultCredentials = true;  
            smt.Credentials = ntwd;  
            smt.Port = 587;  
            smt.EnableSsl = true;  
            smt.Send(msg);  
            lblemailSubmit.Text = "Username and Password Sent Successfully";  
            lblemailSubmit.ForeColor = System.Drawing.Color.ForestGreen;  
        }  

this is my stored procedure:

CREATE PROCEDURE [dbo].[SubmitEmail]  (
    @Email nvarchar(20)   
	)  
AS   
BEGIN
    SET NOCOUNT ON; 
	 (
    SELECT Email, Password FROM My_Table WHERE Email= @email  
      )
END;  

How do I resolve the error?

I

What I have tried:

I tried supplying my email password.

Quote:

smt.UseDefaultCredentials = true;

If the UseDefaultCredentials property[^] is set to true, the Credentials property is ignored. The SmtpClient will attempt to authenticate using the default credentials of the currently logged on user. That will only work if you're using a mail server that's part of your AD domain.

The property should be set to false instead.

It would be easier to store the SMTP settings in the configuration file, rather than hard-coding them:
system.net / mailSettings / smtp / network[^]

<configuration>
    <system.net>
        <mailSettings>
            <smtp deliveryMethod="Network">
                <network

                    host="smtp.gmail.com" port="587" enableSsl="true"

                    defaultCredentials="false"

                    userName="myMail@gmail.com"

                    password="Y0urP@ssw0rd!"

                />
            </smtp>
        </mailSettings>
    </system.net>
</configuration>

SmtpClient smt = new SmtpClient();
smt.Send(msg); 

HOWEVER, as I mentioned in the comments, you should NEVER store passwords in plain text, and NEVER send the user's password in an email. You should only ever store a salted hash of the user's password, using a unique salt for each record.

Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

If the user can't remember their password, there's no need to send them their existing password. Instead, send them a one-time-use link which lets them reset their password to something else.

Everything you ever wanted to know about building a secure password reset feature[^]