I am working on a legacy ASP.NET website project that utilizes a custom MembershipProvider. I want to take advantage of the existing functionality that this provides to implement password validation. I want to ensure that all future passwords are of a certain length and contain a certain number of uppercase, lowercase, and non-alphanumeric characters.

What I have done so far is register a MembershipValidatePasswordEventHandler in the page_load function of the default page of the website based on the example from the docs,

So the logon control has a set of events - but the actual validation of the user occurs inside of the custom sqlmemberShipProivder class that I'm assuming was used here. That class thus should have a whole bunch of things like GetUser, ValidateUser, ChangePassword. The whole idea here is WHEN that provider is written correctly, then use of logon control, change password control etc will all JUST work for you, without having to build up the logon control(s) provided in the toolbox for this process.

So, in that custom class (sqlMemberShipProivder), there is this: (and many more)

I don't see a Validate Password user - but there is a ValidateUser event.