Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Security Users table with naked passwords
Message
 
To
16/07/2004 07:34:00
Tony Scarpelli
Maine Medical Center
Portland, Maine, United States
General information
Forum:
ASP.NET
Category:
The Mere Mortals .NET Framework
Title:
Re: Security Users table with naked passwords
Miscellaneous
Thread ID:
00925092
Message ID:
00925138
Views:
17
Tony,

I have not done this in the .Net version of the framework yet, but I did it in VFP and it was not very hard. I just added a hashing algorithm to the LoginForm, ValidIdAndPassword method. If encryption is turned on, it encrypts what the user enters and compares it to the stored value in the users table. The other place you need to change is the User Maintenance Form so you use the smae encryption to store the password.

Kind Regards,

Mat


>In the Users table the password is visible and not encrypted in any way.
>
>Is this a problem?
>
>Since I am not the administrator of our SQL Server can't administrators look at these tables and see those passwords?
>
>This application is for a Purchasing system and Internal Auditing would have a fit about this.
>
>Should I be developing a method to encrypt those passwords so no one can see them?
>
>Thanks.
Matthew Kennedy
Decision Support Technology Inc.

"I try to take one day at a time, but sometimes several days attack me all at once." ~ Ashleigh Brilliant

New Jersey Dot Net User Group
Previous
Reply
Map
View

Click here to load this message in the networking platform