We have a web application where we want a user to be able to change his/her password if the password has expired but we are unable to do this with ASP at the moment because we can't log the user into the database without a valid password.
We do not want to store any "admin" user info to connect to the database to change the users password for security issues.Does anyone have any ideas of how we could go about doing this?
I've create a log in page connecting to a database that stores its passwords in MD5. Can someone point me in the right direction on how I can get my login page to recognize those passwords? Here's the code I'm using: Code:
i have the following code to check if two password fields submitted equal each other. If they do then passwordok = 1 else it = 0. No matter that i put in the two fields it always = 0. can anyone see whats wrong? Code:
Can anyone tell me how to apply a password to an Access database and then open the database with ASP. I know how to do this without the password, but have not been able to make the password work.
In my access database i have 2 tables called seceret question and secret answer. I would like to provide users with thier passwords without using emails. There would be a screen where they can enter thier username, secret answer then thier password will be displayed on the screen. Or alternatively they could just enter thier username and thier password
Can someone help me with creating a password in asp? i know how to create a password for a single user, so how would you create one for multiple users? also i want to know how it is stored in a database, e.g. MS Access
I made a website for my work and we have it secure to where you have to login when you come to the site. But for some reason when you use the check box to SAVE PASSWORD it will not save the password.
So each time a client comes back to the site they have to put thier password in (and they arent happy about it) Just wondering if there is a setting I can turn off or turn on to enable the passwords to be saved.
I have an access dbase that holds and an expiry date. I need to compare the expiry date with the current date and if it is later than the current date it will allow access (if the username password is correct of course)otherwise it will display an error message saying that membership has expired.
what is the best way to create secure passwords in a database. I have a login system that can create users but it saves the users passwords in clear text. how would i go about doing this so if people look in the database they will not know the password.
I'm working in ASP (not ASP.NET), and want to create a user database, with username and password. Though it isn't really necessary, since the program will be used on an intranet and by few people, I'd like to have the passwords stored and compared as hash values, for extra security.
However, I'm having trouble finding out how to do hashes in ASP. All the exampes I'm finding are for ASP.NET (and, no, I can't upgrade.) What function(s) would I use for hashing in ASP? Can it even be done?
What I want is to have a user log on with a username/password which I give to them. When they type it in I want it to direct them towards a specific form for them.
What I am doing is running a soccer league. so I want a team to be able to log in and then show up a form where they can enter stats from their game, and about their players which will go into a database. I am unsure how to go about having a different form show up for different users.
does anyone know of any good tutorials on how to get a login and password checker.
basically ive got a home page with forms to log in and give password which get sent to an asp page i then need to check that username and password with the relevent one in the database or check if they are wrong or do not exist.
I have a requirement to enforce strong passwords from a customer, and I can only assume they won't be the last to ask for it.
Does anyone have any pointers for handling complex passwords? In this particular case I need to enforce.
between 6 and 16 Case Sensitive AlphaNumerics with at least one non-AlphaNumeric character. min and max I've got, but I'm not sure where to go with the rest.
I'm trying to create a MySQL table for users in a Drupal install (as I've accidentally deleted it).
So, i go through my existing tblContacts and write out Firstname, Lastname, email, password, etc., formatted for MySQL.
Everything goes perfect UNTIL i try to MD5 hash the password (via the included MD5_js.asp): for some reason, it is returning the same hash for every user. If the hash function is not applied, each users unique password appears as normal. Code:
I need to tighten up security on my page... only thing is, I can't change file permissions. I have databases and normal files (.dat) that I don't want someone to be able to just type the URL to and be able to get into it all. For example, I have a database with usernames and passwords, but if someone found out/guessed the URL of the DB then they could open it all.
how can I use Encrypt in Access so that if someone guessed the URL then they couldn't just open it? Basically, I know how to do that in Access... but what I don't know is what code to add to my ASP pages to decrypt/un-password protect it so I can open it. If it is possible to stop someone from having access to a file by just using global.asa.
I am using the ADSI objects to retrieve groups and users informations. If possible, how can I retrieve the user password? I've search in Microsoft.com but I find only the SetPassword function (that of course changes the user password).
I have a ASP/vbscript program that generates random passwords. The problem is I need to insert those passwords into an Access database of 327 clients. I have the random password program generating the 327 passwords, but have had no luck inserting them. Code:
Having some problems updating a recordset, despite the fact that I've used the bulk of the code sucessfully in other projects. I seem to be able to add records no problem, but when I try to update them I get Code:
How do you get a web app to not show the 'page has expired...' error and refresh and requery when you hit the back button after submitting a form? I just want the old data to still be displayed in the form so the user can go back, make a few changes, and submit again.
I checked knowledge base for this and I do not have "Do not save encrypted pages to disk" checked and the user is running IE 6.0.2900.2180.xpsp_sp2_rtm.040803-2158 I am running server2003 and IE 6.0.3790.0 update version 3283 and I don't have the problem.
I want to show users a custom "Page Expired" page when users go back to the previous page by clicking the "Back" button of the browser (or when he right-clicks anywhere on the current page & selects "Back" from the menu). How do I do this?
I have a count down and a body onload linked to a function that closes the connection on my main page to ensure no user will not leave the page without logout.The problem is that my main page opens several others which I´d ike to close as well after logout.Can I rely on If sessionID="" to close those windows?
I have a form that users fill in and the results are put into a DB by an asp script, this script will then redirect the users to another page where a receipt number is generated and displayed. How can I make the form expire after the user sends the information and the receipt is issued.
At the moment I am getting the following Expired Warning if a user logins into a secure page and attempts to press the 'back' button:
Warning: Page has Expired The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you.
To resubmit your information and view this Web page, click the Refresh button. Is there someway to gracefully stop this from happening...in other words.to re-display the login page? Also, what is causiing this? Session Variables?
"Warning: Page has Expired The page you requested was created using information you submitted in a form. This page is no longer available.
As a security precaution, Internet Explorer does not automatically resubmit your information for you.
To resubmit your information and view this Web page, click the Refresh button. "
I'm developing an e-commerce site from scratch.
I've noticed on other e-commerce websites that use other development tools such as php or probably "websphere" (java) that when clicking the back button this message appears during a checkout process. This is good because it reduces customer error in many ways.
I'm using ASP and response.redirect mostly. But, I've noticed that even setting a page timeout to zero won't stop the caching of the page. My customer, who just submitted a form, can just click the back button and the cached page just comes up.
I have a web pagewhich queries a db and displays information on the subsequent page. On the subsequent page if I click back to previous page (this is a button with javascript code on it), it takes me to the previous page but the page says - "warning page expired".
When I am in my company work environment, I dont get this page, it properly displays the information on the previous page but when I go to the client site, it gives me the problem All of us are on the same IE version and service packs. Could this be a programming issue or a security issue.
I have a application which is a global login for other applications. Basically application A checks all the user login information and then lists all the applications B-Z that the user has access to.
I have a global.asa file in application A and individual global.asa files in applications B-Z. Applications B-Z are under the Application A directory. Can I have global.asa files in each of the application folders? Does the pages look for the closest global.asa file?
I have to keep track of user login time and logout tme for each application. The problem I run into is how do I record the user logout time when the session expires?
How do you get a web app to not show the 'page has expired...' error and refresh and requery when you hit the back button after submitting a form I just want the old data to still be displayed in the form.
I checked knowledge base for this and I do not have "Do not save encrypted pages to disk" checked and am running IE 6.0.2900.2180.xpsp_sp2_rtm.040803-2158.