password

password

• cmenge

  Here's a little bit more for your consideration:

  SysUsers

  ID	UserName	Password	Privileges	FullName	Last Login date	PwdChng
  1	renee	******	Yes	Renee	1/20/2003 5:49:27 PM	Yes
  2	kathleen	******	Yes	Kathleen		No
  3	Kelly	*****	No	Kelly		No
  13	Gloria	******	No	Gloria Steinem	1/19/2003 8:03:01 PM	No

  written from memory..... We have collected the username and passwword

  dim Table as Datable = adodb.gettable("SysUsers") 'Member variable
  dim PrivilegedUser as boolean
  dim LoggedOn as Boolean

  if not ValidateUser(Username,Password) then end

  'Process code here

  End Sub

  Private Function ValidateUser(Byval UserName as String, Byval Password String) as boolean

  For each row as DataRow in Table.Rows

  if ((UserName = row("UserName") and (Password = row("Password"))) then
  If Row( "Privileges") then PrivilegedUser = true Else PrivilegedUser = false
  LoggedOn = true
  return true
  End IF

  Next

  Return False

  End Function

  Hows that

  This is a gross simplification because I also had "Evasion" as part of the login scheme. If a user failed to log in three time within a rolling interval, the application hid for about 5 minutes as a security enhancement.

  
  
  

• 96RT10

  for instance, if textbox1 is the username and textbox2 is the password
  
  Dim myQuery As String = "Select [Pword]From Table1 WHERE [Uname]='" + textbox1.text + "'"
  Dim myConn1 As OleDbConnection = New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=The file etc.")
  Dim myCommand1 As OleDbCommand = New OleDbCommand(myquery1, myConn1)
  myConn1.Open()
  Dim myReader1 As OleDbDataReader = myCommand1.ExecuteReader(CommandBehavior.CloseConnection)
  myReader1.Read()
  if myReader1.GetString(0) = textbox2.text then
  msgbox("huzah, you've entered the system")
  else
  msgbox("mm, you've entered some fishy info")
  end if
  
  
  

• Brennan

  I have a few usernames and passwords or sale if you're interested...
  
  

• Billy Anders - MSFT

   

   

  Usually, I talk about encryption... had I done that...

  We would not have been treated to you and your incredibly charming soapbox.

  I love the way you do that !

  
  
  

• Merdon

  Write a query which takes password and user name and verifies it in the database and returns true or false if a match is found on a table in the database. (Simple SQL Query)

  Simply call this access query using the entered username and password and take action depending upon the result.

  
  

• anarbek

  I bet you're really BonJovi

  
  
  

• Sundar Rangharajan

  I'll add that you need to add ENCRYPTION TO THE PASSWORD.

  I'll say it again, because theres' something very important you need to do and that is ADD ENCRYPTION TO THE PASSWORD!. That's ENCRYPTION!

  You don't need to have a reversable encryption, just a one way hash is the best way. .NET Makes it ever so easy to create a nice bit of hash with salt.

  Never, ever, ever, ever write a program which uses stored passwords in this way, never store the passwords as straight plain text.

  Here's why:

  1. How many passwords do you (as an indivdual) have
  2. Do you write them all down How do you remember them all Are some of them the same Perhaps you use the same password for multiple applications (Banking, Netflix, Credit Card, Work Password, AS400 Password...)
  3. uh, oh. New application which requires another silly password...I'll just use the usual one...
  4. Database gets 'stolen'
  5. Thief now has access to Glorias Netflix Queue, Work Computer and AS400 account....

  I'll say that it's so easy to add one-way encryption that there's absolutely no excuse not to use it.

  (I know, Renee that you were just showing an example......)

  
  
  
• password