You do not have control over this unfortunately. In
fact, if the users are on your local network they could
easily configure IE to just pass through their
credentials without prompting. To address this security
concern you can do two things:
1. Educate users to not do it (best approach)
2. Programatically login to the domain using forms
authentication going against Active Directory. You might
not be using a domain to authenticate, but if you are
here's a good link to a VB.Net sample of using forms
authentication against Active Directory:
http://support.microsoft.com/default.aspx?scid=kb;EN-
US;326340
Choice two is good because any browser can support NTLM
authenication. Only IE and Mozilla/Netscape support
NTLM. No support for Apple Safari or Konqueror on Linux.
Good luck.
>-----Original Message-----
>I have developed a web site running on Win2k and IIS.
>It uses Integrated Windows Authentication. When the
user
>selects
>the URL for the site, they are prompted for their Network
>Password. On this dialog is a checkbox 'Save this
>password
>to your password list'. If the user checks this, their
>password
>will be pre-entered the next time the page is opened.
>
>My question is, How can I force the
>users to have to enter their password even if they
>have checked the 'Save Password' box?
>.
>
Similar Threads
