We have a web application where we want a user to be able to change his/her password if the password has expired but we are unable to do this with ASP at the moment because we can't log the user into the database without a valid password.
We do not want to store any "admin" user info to connect to the database to change the users password for security issues.Does anyone have any ideas of how we could go about doing this?
Is it possible to password protect a web page that has editable text areas defined so that only authorised users can make edits?
View Replies View RelatedI've create a log in page connecting to a database that stores its passwords in MD5. Can someone point me in the right direction on how I can get my login page to recognize those passwords? Here's the code I'm using: Code:
View Replies View Relatedi have the following code to check if two password fields submitted equal each other. If they do then passwordok = 1 else it = 0. No matter that i put in the two fields it always = 0. can anyone see whats wrong? Code:
View Replies View RelatedCan anyone tell me how to apply a password to an Access database and then open the database with ASP. I know how to do this without the password, but have not been able to make the password work.
View Replies View RelatedIn my access database i have 2 tables called seceret question and secret answer. I would like to provide users with thier passwords without using emails. There would be a screen where they can enter thier username, secret answer then thier password will be displayed on the screen. Or alternatively they could just enter thier username and thier password
View Replies View RelatedCan someone help me with creating a password in asp? i know how to create a password for a single user, so how would you create one for multiple users? also i want to know how it is stored in a database, e.g. MS Access
View Replies View RelatedI made a website for my work and we have it secure to where you have to login when you come to the site. But for some reason when you use the check box to SAVE PASSWORD it will not save the password.
So each time a client comes back to the site they have to put thier password in (and they arent happy about it) Just wondering if there is a setting I can turn off or turn on to enable the passwords to be saved.
I have an access dbase that holds and an expiry date. I need to compare the expiry date with the current date and if it is later than the current date it will allow access (if the username password is correct of course)otherwise it will display an error message saying that membership has expired.
View Replies View Relatedwhat is the best way to create secure passwords in a database. I have a login system that can create users but it saves the users passwords in clear text. how would i go about doing this so if people look in the database they will not know the password.
View Replies View RelatedI'm working in ASP (not ASP.NET), and want to create a user database, with username and password. Though it isn't really necessary, since the program will be used on an intranet and by few people, I'd like to have the passwords stored and compared as hash values, for extra security.
However, I'm having trouble finding out how to do hashes in ASP. All the exampes I'm finding are for ASP.NET (and, no, I can't upgrade.) What function(s) would I use for hashing in ASP? Can it even be done?
What I want is to have a user log on with a username/password which I give to them. When they type it in I want it to direct them towards a specific form for them.
What I am doing is running a soccer league. so I want a team to be able to log in and then show up a form where they can enter stats from their game, and about their players which will go into a database. I am unsure how to go about having a different form show up for different users.
I am new to ASP and have been asked to create a login page which will bypass the password (see code below): Code:
View Replies View Relateddoes anyone know of any good tutorials on how to get a login and password checker.
basically ive got a home page with forms to log in and give password which get sent to an asp page i then need to check that username and password with the relevent one in the database or check if they are wrong or do not exist.
I have a requirement to enforce strong passwords from a customer, and I can only assume they won't be the last to ask for it.
Does anyone have any pointers for handling complex passwords? In this particular case I need to enforce.
between 6 and 16 Case Sensitive AlphaNumerics with at least one non-AlphaNumeric character. min and max I've got, but I'm not sure where to go with the rest.
I'm trying to create a MySQL table for users in a Drupal install (as I've accidentally deleted it).
So, i go through my existing tblContacts and write out Firstname, Lastname, email, password, etc., formatted for MySQL.
Everything goes perfect UNTIL i try to MD5 hash the password (via the included MD5_js.asp): for some reason, it is returning the same hash for every user. If the hash function is not applied, each users unique password appears as normal. Code:
part of this code works but it seems to ignore the password check, any ideas?
If Request.Form("PuafoPassword") = Request.Form("RePassword") Then
strError = strError & "Passwords don't match.<br>" & vbNewLine
Else
If rspuafo.EOF and rspuafo.BOF Then
Response.Redirect ("thankyou.asp")
Response.End
Else
strError = "Username already exists, please choose another one" & vbNewLine
I need to tighten up security on my page... only thing is, I can't change file permissions. I have databases and normal files (.dat) that I don't want someone to be able to just type the URL to and be able to get into it all. For example, I have a database with usernames and passwords, but if someone found out/guessed the URL of the DB then they could open it all.
how can I use Encrypt in Access so that if someone guessed the URL then they couldn't just open it? Basically, I know how to do that in Access... but what I don't know is what code to add to my ASP pages to decrypt/un-password protect it so I can open it. If it is possible to stop someone from having access to a file by just using global.asa.
I am using the ADSI objects to retrieve groups and users informations. If possible, how can I retrieve the user password? I've search in Microsoft.com but I find only the SetPassword function (that of course changes the user password).
View Replies View RelatedI have a ASP/vbscript program that generates random passwords. The problem is I need to insert those passwords into an Access database of 327 clients. I have the random password program generating the 327 passwords, but have had no luck inserting them. Code:
View Replies View RelatedHaving some problems updating a recordset, despite the fact that I've used the bulk of the code sucessfully in other projects. I seem to be able to add records no problem, but when I try to update them I get Code:
View Replies View RelatedHow do you get a web app to not show the 'page has expired...' error and
refresh and requery when you hit the back button after submitting a form? I
just want the old data to still be displayed in the form so the user can go
back, make a few changes, and submit again.
I checked knowledge base for this and I do not have "Do not save encrypted
pages to disk" checked and the user is running IE 6.0.2900.2180.xpsp_sp2_rtm.040803-2158 I am running server2003 and
IE 6.0.3790.0 update version 3283 and I don't have the problem.
I put this code in my asp page, trying to prevent the back button issue.
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 2
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "private"
But nothing happens, the back page is loaded again.What can i do to add expired time to my pages.
I want to show users a custom "Page Expired" page when users go back to
the previous page by clicking the "Back" button of the browser (or when
he right-clicks anywhere on the current page & selects "Back" from the
menu). How do I do this?
how we know that the session is expired in asp
Can someone teach me that :
1) how to disable refresh/back button?
-I mean that when the user click the refresh/back button, and the session
will expire automatically.
2) How we know that the session is expired in asp pages?
-How to prove that the pages is expired?
I have a count down and a body onload linked to a function that closes the connection on my main page to ensure no user will not leave the page without logout.The problem is that my main page opens several others which I´d ike to close as well after logout.Can I rely on If sessionID="" to close those windows?
View Replies View RelatedI have a form that users fill in and the results are put into a DB by an asp script, this script will then redirect the users to another page where a receipt number is generated and displayed. How can I make the form expire after the user sends the information and the receipt is issued.
View Replies View RelatedAt the moment I am getting the following Expired Warning if a user logins into a secure page and attempts to press the 'back' button:
Warning: Page has Expired The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you.
To resubmit your information and view this Web page, click the Refresh button. Is there someway to gracefully stop this from happening...in other words.to re-display the login page? Also, what is causiing this? Session Variables?
Is there any way of detecting whether a session variable does not exist because it expired or because it simply did not exist in the first place?
View Replies View RelatedRegarding the Internet Explorer message below:
"Warning: Page has Expired The page you requested was created using
information you submitted in a form. This page is no longer available.
As a security precaution, Internet Explorer does not automatically
resubmit your information for you.
To resubmit your information and view this Web page, click the Refresh
button. "
I'm developing an e-commerce site from scratch.
I've noticed on other e-commerce websites that use other development
tools such as php or probably "websphere" (java) that when clicking
the back button this message appears during a checkout process. This
is good because it reduces customer error in many ways.
I'm using ASP and response.redirect mostly. But, I've noticed that
even setting a page timeout to zero won't stop the caching of the
page. My customer, who just submitted a form, can just click the back
button and the cached page just comes up.
How do I create the error above with ASP?
I have a web pagewhich queries a db and displays information on the
subsequent page. On the subsequent page if I click back to previous page
(this is a button with javascript code on it), it takes me to the previous
page but the page says - "warning page expired".
When I am in my company
work environment, I dont get this page, it properly displays the information
on the previous page but when I go to the client site, it gives me the
problem All of us are on the same IE version and service packs. Could this
be a programming issue or a security issue.
I have a application which is a global login for other applications. Basically application A checks all the user login information and then lists all the applications B-Z that the user has access to.
I have a global.asa file in application A and individual global.asa files in applications B-Z. Applications B-Z are under the Application A directory. Can I have global.asa files in each of the application folders? Does the pages look for the closest global.asa file?
I have to keep track of user login time and logout tme for each application. The problem I run into is how do I record the user logout time when the session expires?
How do you get a web app to not show the 'page has expired...' error and
refresh and requery when you hit the back button after submitting a form I
just want the old data to still be displayed in the form.
I checked knowledge base for this and I do not have "Do not save encrypted
pages to disk" checked and am running IE
6.0.2900.2180.xpsp_sp2_rtm.040803-2158.