Create Extranet Login with 2 different login types

E-mail notifications

Shiwanka Chathuranga

Posted on 18/01/2026 12:08:01

Is there any possibility to create an Extranet login that supports both OTP and password login for the same user.

We have created our own OTP login method, but after the user logged in with OTP, their current normal password is changed, and they can not login by password again.

Replies

Nicolai Pedersen

Posted on 19/01/2026 09:18:41

Hi Shiwanka

I am not sure I understand the question. If you use DW10 OTP, the user has to use that - you cannot combine it.

You can create 2 different users with the same username by giving them different shopids - and submit the shopid when logging in to hit the correct profile - you might be able to use that trick to have 2 different login methods for the same username.

Login procedure is described here: https://doc.dynamicweb.dev/documentation/implementing/users/login.html?tabs=regular-login%2Cimpersonation

Shiwanka Chathuranga

Posted on 19/01/2026 16:30:12

HI Nicolai

this is DW9 , requirement is to create one user who can login using OTP and password both options.

we create OTP login, but when user legged using OTP then saved password is changed.

Nicolai Pedersen

Posted on 19/01/2026 16:48:23

If the user is OTP - it has no password... Nor should he.

OTP = One Time Password = You should not have a password....

Otherwise it has to be a MFA - there the user will have a password and get a code.

Shiwanka Chathuranga

Posted on 20/01/2026 04:19:01

OK Clear

When login through OTP to the frontend, its logout with in 20-30min

is there anyway to increase that. we used ExternalLoginProvider

public override ExternalLoginResult GetLoginResult()
{

var loginResult = new ExternalLoginResult();

loginResult.Success = true;
loginResult.ProviderID = ProviderID;
loginResult.DefaultUserName = user.UserName;
loginResult.ProviderKey = user.ID.ToString();

return loginResult;

}

public override void Login()
{
OnlyDoVerificationExternally = true;
AuthenticationProperties properties = new AuthenticationProperties() { RedirectUri = RedirectUrl, AllowRefresh = true, ExpiresUtc = DateTime.UtcNow.AddHours(8), IssuedUtc = DateTime.UtcNow, IsPersistent = true };
System.Web.HttpContext.Current.GetOwinContext().Authentication.Challenge(properties, Name);
}

Nicolai Pedersen

Posted on 20/01/2026 11:29:48

The login cookie has an expiration that can be set in the backend:

https://doc.dynamicweb.dev/manual/dynamicweb10/settings/areas/users/extranet.html

The login is controlled by a cookie - you can see the expiration date in the browser tools. That cookie is set if you set Autologin=True in the login form post.

Shiwanka Chathuranga

Posted on 20/01/2026 18:53:12

in my case when user login using ExternalLoginProvider logout with in 20-30mins,

but if anther user logged in with username and password on another browser it stays for long time.

cookie settings like this

Nicolai Pedersen

Posted on 20/01/2026 21:07:26

That is DW9. Works a bit differently.

You have to have these set in your login post:

DWExtranetUsernameRemember = True
DWExtranetPasswordRemember = True
Autologin = True

BR Nicolai

Shiwanka Chathuranga

Posted on 21/01/2026 08:58:05

https://mancon-ecom.dwcmsweb.com/sign-in-1

any missing things, still max 30mins

you can try test code - shiwankaswe@gmail.com

OTP - 111222

Nicolai Pedersen

Posted on 21/01/2026 09:39:22

Try sending in a hidden field "Password" with a random value.

The login cookie will not be set without the password - and you have changed it to not have password, but otp

You must be logged in to post in the forum

Developer forum

Create Extranet Login with 2 different login types

Replies