I am introducing a password login script to my site.I know how to password the site but am looking for good ways to password protect to users can only access their details and no-one elses.Also i was wondering whether to use SSL or not.
View RepliesIs there other forms of security that works together with a login and logout system?
Perhaps a registry key protection of some sort. The project management system will be used by users around the world. Tieing the user name and password to the IP address will not be a good idea as some users might be on dynamic IP.
I would like to tie the user name and password to only that specific machine that they are using. Perhaps grabbing hold of the computer's hardware specifications? So if the user uses another system to login , he or she will not be able to.
How am i going to make sure the user login first before going to the actual page. Below is the verification for each page. How am I going to combine html and asp code together? Code:
View Replies View RelatedBasically what the title says. Im looking into and currently trying to develop a nice secure login. To be honest for this project not much of a security issue but yet learning now will help later.
For this instance though there will be a minimum 1 login user to maybe 4 users. A database in this instance to maybe store the encrypted password dont seem worth while so what other way am I best doing ? Or is still the database the ideal method as obviously they have to be stored somewhere.
I got this error.
Microsoft JET Database Engine error '80040e4d'
Not a valid password.
/zbgamers/login.asp, line 13
here is my code:
Set DB = Server.CreateObject("ADODB.Connection")
Set TBL = Server.CreateObject("ADODB.RecordSet")
DB.Mode = adModeReadWrite
DB.Open ("PROVIDER=Microsoft.Jet.OLEDB.4.0;DATA SOURCE=" + Server.MapPath("DSN_CSG.mdb"))
I am new to ASP security. I want to know what is the best way to store
database password in ASP application? Or if there are any places to
store in IIS? I tried to store the password in VB DLL file, but looks
like when I open the DLL file, I can still see the plain text password.
I would like to know something about placing a password for a database in an external file, something like a global.asa file or a included file. I'm using an access database and ASP. how do I make this file and how do I attach it to my website. I thought this might be useful for extra database security, is this true?
The database is located in a folder that is protected by the hosting provider and you can only download the database using a login name and password and you can change data trough webpages (update, delete and insert).This has all about database security, I want to make my database as secure as possible, I'm already using SSL certificates.
I am trying to create a "Members Only" section of my website. I have an Access Database to store usernames and passwords and I am using Frontpage 2003.
I have very little ASP experience and am having trouble finding some help on this subject that is understandable. I already have a global.asa file on the site because I currently have a page with a form that writes to the database.
What I would like to know is how to setup a login screen to get to the members only side of the site which will validate against the password table in the database.
I am currently writing a little gadget where users can create, delete, alter... tables in a database. Some kind of MyAspAdmin... Everything works fine as long as I specify the MSSQL-Login-Infos database, user and password.
But if I want to make it possible to switch from one database to another, here comes the problem: The user has to choose a database that he wants to work in, and type in user and password.
I need the (probably very easy) solution, how i can check if this user/password/chosen_database combination is correct. Code:
I am looking for a simple code of login to db
of asp dotnet (vb dotnet code).
with user name + password & simple database.
When login to database - I want to see a table data with all it's columns.
I am trying to connect to a database and verify a users login and password,
then based on that login information display 3 pages based on their login.
On the home page if they are NOT logged in, I need it to display the login
box, if they ARE logged in I want it to display Welcome Customer Name from a
database called vcust.dbf which contains both the username and password
fields.
The two other pages will be based on the username (which is actually my
customers customer number ... example '100001'). I am needing to display
the customers account informaiton on one page from the vcust.dbf and their
rental history on another page from records.dbf. Code:
I am working on a CMS website which uses a access database.
When a user adds a page a record is added to a table in the database. The user choses the page style from a selection of 7 or 8 layouts.
I have been asked to find out if I can password protect one of those pages??
I have tried a few sites but not found much. The it has been done before is to add a password protected layout and build a login area into the site.
The effect i want is for the user to click the page and a username and password box will apear?
First my database consists of a couple tables.MyUsers (records - username, password, tablename)User1 (records - record 1, record2, record3)User2 (records - record 1, record2, record3)
What I have a username and password login. When they login I need asp to look up in a database (table - myusers) and if the username and password match one of the records then take the third record (which is actually a reference to that user own table) and store it in a variable.
I then need to read that users table and display all the info in that table on a new page for only that user to view.
Below are the files that I have. I have been messing around with it with another example so some of the code might be a little misleading....
I am trying to build a secure web login that allows me to identify the person logging in by a "Welcome user" message that comes up when they reach the destination page.
Also, I want the person to be able to update their personal info and such when they are in the site. I know how to update a record, but I am unsure as how to tell the database which record to update based on the person who is logged in.
Unless you declared those session variables earlier, they have no data in them. Assuming this information is coming from a form, try using request.form("fieldname") instead of the session variables.
If this doesn't address your problem, give more detail about what "isn't working"
I have index.asp (Form) & process.asp (submit data from index.asp to Access Database), the Form is running Perfectly.
But, How can I create a login name and page for the applicants to edit the information they submitted?
Let say I have Email (username), Password (password) & lastname on index.asp, then I really have no clue!
I have a client who wants to password protect a learning course that is set up in modules. Each module needs to have it's own password protection so users can only access them as they progress through the course.
Each user should have their own password (for each module) and, said client would like the password to expire for the user at some (predetermined?) point. Is this possible? It seems like a lot (in terms of setup), but I don't know much about password stuff.
If it is possible, can someone give me an overview of how it works (theoretically) or where to find more specific info on setting something like this up (in ASP.net)
If it isn't possible, can someone suggest what is more reasonable in terms of protecting the modules?
I created sessions to authenticate username and password. How can I utilize this same script to alert the user to change password at 3rd login? In other words when a user logs into a site after the 3 or 4th time which ever, they are prompted to change their password. Code:
View Replies View RelatedI am building a website to pull data from a remote https site using xmlhttp. The data from the https site is behind a login screen. I can successfully get through the login screen with:
set objXMLHTTP = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXMLHTTP.Open "POST", "https://website.com/validate-login2.asp", false
objXMLHTTP.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXMLHTTP.Send "Username=uname&password=pwd&company=O"
That works great - but then, when I try to go to the next page (where the data is that I want to pull) - I use the same process and I get kicked back out to the login screen? Could there be some cookies, referer, strings being passed normally that I am not including in my second request - How do i find out for sure?
I have used the software IETrace and it looks like some cookies being passed, but how do I know for sure if (and what exactly) it is using?
The SQLServer and Web server are different computers. The error I got when logging on as ONLINE/ONLINE is "Cannot open database requested in login '<mydbname>'. Login fails.
/<mysitename>/validate.asp, line 12
Line 12 is: objConnection.Open Session("ConnectionParameter")
In global.asa, the setting is:
If Session("DataBaseBrand") = "SQLSERVER" Then
Session("ConnectionParameter") = "DSN=Alecto;UId=ONLINE;Pwd=ONLINE"
The names of UserID/Password fields on the form are dfsUserID/dfsPasswd
Below is validate.asp: Code:
I want to login to a page using MSXML2.ServerXMLHTTP.4.0 or an object like this, I must send the form variables needed to login when I try to login to the page. But the problem is, that the page looks like a exe file (not a asp file or php file or what ever). The name of the page I try to login is something like "/pw?/session/login", nothing more, without extension. I have tried the code with a normal asp file with session registration and login process and it worked, but not with this file.
View Replies View Relatedwhere do you enter in the password for the connection to use?
set objConn = server.createObject("ADODB.CONNECTION")
objConn.Provider="Microsoft.Jet.OLEDB.4.0";"Password"
?
I am logged into nt and running an asp page.
I know that I can get my username from the server variable LOGON_USER or
AUTH_USER but the AUTH_PASSWORD seems to be empty.
Is there a way to retreive the current logged passsword
I just setup a passwrod button in Outlook Web Access by using the IISADMPWD directory in IIS.I have a few problems.can u solve it.
1. I would like the account section to be automatically filled by IIS.
2. I would like the back button to actually be a button not a link.
I have created one of those change your password forms whereby the the old password and new password are provided.
What I am having trouble with is ensuring that the old password entered actually exists already. Below is what I have tried, but I am getting a syntax error:
Code:
'Check Password
if request.form("CusPassword")<>rsCheckUser.fields("CustomerPassword") then
response.write "Invalid password"
end if
Else
if request.form("CusPassword")= rsCheckUser.fields("CustomerPassword") then
'write new password to databasestrSQL ="UPDATE Customer Set CustomerPassword ='"& NewPassword& "',CustomerPasswordverified ='"& NewPassword& "' where CustomerEmail = '"&CusEmail&"' "
I want to create a password validation system..... There are two text boxes.... I want to make sure that the passwords are the same and that they are more than 8 characters.
View Replies View RelatedIm planning to encrypt the password that was stored on msaccess database and
also the text inputed from a password textbox. Also, if I want to get the
password from the database, I need to decrypt it so it can be comparable to
the one that is inputed on the textbox. Is there a way on how to handle
this?
Public Shared Function Encriptar(ByVal cleanString As String) As String
Dim clearBytes As [Byte]()
clearBytes = New UnicodeEncoding().GetBytes(cleanString)
Dim hashedBytes As [Byte]() = CType(CryptoConfig.CreateFromName("MD5"),
HashAlgorithm).ComputeHash(clearBytes)
Dim hashedText As String = BitConverter.ToString(hashedBytes)
Return hashedText
End Function
this function encrypt user password, I need to un-encrypt that password
thanks to sitepoint forum,i am requesting a problem about forgot password .
if user forgot his/her password how can i retun his/her same password in email address?
i did like this:
......................
<%
Set myMail=CreateObject("CDO.Message")
myMail.Subject="your password"
myMail.From="codes"
myMail.To=ml 'ml var return current email address
myMail.TextBody=yrpass 'yrpass variable return password
myMail.Send
set myMail=nothing
%>
...................
does anybody here have codes for "change password"?i am using dreamweaver 8 and MS Access
View Replies View RelatedI have a form and iwant to check if the password which gives the user is between 3 to 6 characters "alpanumeric" there is something in asp code to do this?
View Replies View RelatedAny thoughts on requirements for a password?I've been thinking about
the following
Minimum six characters
Must contain at least 1 number and at least 1 letter
Cannot contain the user's first or last name
Cannot contain the user name of the person's email address
Cannot contain the domain name of the person's email address
My form accepts user name and password. I want to encrypt the password when I send it to the server. I think I can use windows advapi32.dll functions to encrypt and decrypt the data. Does anybody know if I can use this dll directly in my asp? Do I have to write customized dll which uses advapi32.dll and then use the customized dll in the asp?
View Replies View Related