Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > password requirements

Reply
Thread Tools

password requirements

 
 
Bryan Harrington
Guest
Posts: n/a
 
      11-24-2003
Hello.. I'm trying to come up with a good way to have password requirements
(i.e., length, Upper/Lower case mix, x number of Alpha, x number of numeric,
etc.) configurable by installed site.

The two customers that I'm working with on this app right now have 2 very
different password requirements, I'd rather not have to re-write the signup
and login page for each customer.

I'm working in classic ASP, but .. ASP.NET is not out of the question.

Does anyone have any good insight? Good links?

Thanks!



 
Reply With Quote
 
 
 
 
Dan Brussee
Guest
Posts: n/a
 
      11-25-2003
On Mon, 24 Nov 2003 16:53:41 -0500, "Bryan Harrington"
<(E-Mail Removed)> wrote:

>Hello.. I'm trying to come up with a good way to have password requirements
>(i.e., length, Upper/Lower case mix, x number of Alpha, x number of numeric,
>etc.) configurable by installed site.
>
>The two customers that I'm working with on this app right now have 2 very
>different password requirements, I'd rather not have to re-write the signup
>and login page for each customer.
>
>I'm working in classic ASP, but .. ASP.NET is not out of the question.
>


Write the code to support any number of these types of requirements
and set flags in the database to require any number of them...

MinLength = 0 ' No minimum length
MinLength = 10 ' at least 10 chars long
ReqireMixCase = True
RequireDigits = True
RequireChars = True
RequireNonAlphaChars = True
ExpirationDays = 0 ' No expiration
ReminderDays = 0 ' No reminder period
AllowSpaces = False

etc, etc

 
Reply With Quote
 
 
 
 
Rob Meade
Guest
Posts: n/a
 
      11-25-2003
"Bryan Harrington" wrote ...

[..snip..]

I'd concur on Dans posting with regards to this - we've written a single
login application (if you can call it an application as such) for our secure
applications within our organisation in the NHS.

We have the same as Dan points out along with whether or not special
characters are allowed on so on - it means you can customise it per
application/client or whatever...

Regards

Rob


 
Reply With Quote
 
Bryan Harrington
Guest
Posts: n/a
 
      11-25-2003
So do you then create RegExp on the fly based on whats in the database? Or
are you using a series of functions and a series of

if x = y then go do function z?

Thanks!


"Dan Brussee" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Mon, 24 Nov 2003 16:53:41 -0500, "Bryan Harrington"
> <(E-Mail Removed)> wrote:
>
> >Hello.. I'm trying to come up with a good way to have password

requirements
> >(i.e., length, Upper/Lower case mix, x number of Alpha, x number of

numeric,
> >etc.) configurable by installed site.
> >
> >The two customers that I'm working with on this app right now have 2 very
> >different password requirements, I'd rather not have to re-write the

signup
> >and login page for each customer.
> >
> >I'm working in classic ASP, but .. ASP.NET is not out of the question.
> >

>
> Write the code to support any number of these types of requirements
> and set flags in the database to require any number of them...
>
> MinLength = 0 ' No minimum length
> MinLength = 10 ' at least 10 chars long
> ReqireMixCase = True
> RequireDigits = True
> RequireChars = True
> RequireNonAlphaChars = True
> ExpirationDays = 0 ' No expiration
> ReminderDays = 0 ' No reminder period
> AllowSpaces = False
>
> etc, etc
>



 
Reply With Quote
 
Rob Meade
Guest
Posts: n/a
 
      11-25-2003
"Bryan Harrington" wrote ...

> So do you then create RegExp on the fly based on whats in the database? Or
> are you using a series of functions and a series of
>
> if x = y then go do function z?


In what we use I have a series of If...Then's - because I have no idea how
to us regular expressions

With ours I also set error flags and messages to send back to the form to -
which is quite handy to give the users an idea of whats gone wrong and why

My.Pa55w0rD

isn't valid )

Regards

Rob


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Reg expression for password complexity requirements shimshim@gmail.com Javascript 7 05-29-2009 11:31 AM
Change a users password without knowing the old password nor the answer to the password question AAaron123 ASP .Net 1 01-16-2009 02:56 PM
Changing a users password without knowing the old password nor the answer to the password question AAaron123 ASP .Net 2 01-16-2009 02:08 PM
Confused about modifying password strength requirements in ASP.NET 2.0. Paul ASP .Net 3 06-07-2007 04:01 PM
Password Requirements David C. Holley ASP General 5 03-07-2004 02:38 AM



Advertisments