I have to hide the length of the password being entered during login of my asp.net web application. I know the asp.net textbox server control has the textmode of password but I can't even show the that. Any suggestions on how to hide the user input?
View 5 RepliesI am using Forms Authentication in a new ASP.NET 3.5 Application.I have created the Tables in my database and run the Web Site Administration Too.When I try to create a user I get a password error no matter what I throw at it and I am becoming sure of that this is a symptom of an a setup error and not a password problem.One of the things that I notice is that my aspnet_Applications is empty and I am not sure what is supposed to fill it.I have tried to delete all the aspnet tables and done the procedure again but with the same result.
View 1 Repliesi want to validate my password textbox that it should be minimum length of 7 charsthe code i m using is this
Code:
if (textbox1.text.legth>7)
{
label1.text=""valid";
}
else
{
label1.text="invalid";
}
now the problem is this is it everytime check when the page is postback i.e when ever page is return from server.
What is the regular expression for accepting password that should accept only 8 characters
Presently iam using this one [a-zA-Z0-9]{8,}$
But it should not accept Special Characters
My Requirement is to Minimum Length of Password Should be 8 Whether it may contain Special Characters, Special Character are not Required Password Should be 8
Anyone know why the minimum password length is 6 chars?
I can't find any reference to this anywhere.
I have create a masterpage and add content page include user (firsname,lastname,password,new password,confirm new password adn etc..)detail update field. i try to give a client side validation all the function work,but in confirm password its not hide wen give a correct password.. anybody give correct solution..code are below..
[Code]....
If I upload a file that is larger than the configs max request length I get a "Server Response Error: Unknown Server Error" alert popup. It asks if I want to see the response page and if I click "OK" an application error window pops up saying "Maximum request length exceeded." I found this already. [URL] I was unsuccessful at getting that to work.
I also found another SO question (I can't seem to find it now) that was similar. The difference was that the OP had asked how to redirect to an error page. I don't want to do that. The answer was to use a custom error redirect that gets setup in the web.config.
I simply want to absorb the error and do nothing, I'm using the OnClientUploadError event to handle the error via js. Basically, I just don't want this stupid popup message.
One odd thing is that I don't see the error when running the app locally, but I do see the error when I've got the app deployed out to our server. Note I should have mentioned that I know about the config value to set the max request length. Setting it to be very large won't work for this instance. Update So, I'm wondering if this could be something with the IIS settings of our server. It's odd that it doesn't happen locally. what I should be looking for? Most of what I find on the net suggests modifying the machine.config. However, as I said before, I don't simply want to up the allowed size. I am handling the error fine via js, I don't want this alert to show up under any circumstances. Update Well, it sounds like the IIS default limit is 30MB.
I need to construct a regular expression for the password textbox, Min:8,Max:16 and must include atleast a number(0-9),alphabets upper and lower case. I am unable to limit the length to 16.
<asp:RegularExpressionValidator ID="RegEx" runat="server" ControlToValidate="Password"
ErrorMessage="Password must be min:8,max:16 characters and include a number,alphabets upper case and lower case.
"ToolTip="Password format is not correct"
ValidationExpression="^(?=.{8})(?=.*d)(?=.*[a-z])(?=.*[A-Z]).*$">
</asp:RegularExpressionValidator>
We have some error reporting code that, when an unhandled exception occurs, we send everything over in an email to our groups. This is great except if an unhandled exception occurs on a page with a password field then it's sent over as plain text.
Is there a way to iterate through Request.Form and figure out which item(s) are passwords? This is done at a low level so we can't look for specific controls.
Naturally, we could check to see what type the input box is but I'm not sure if that's the cleanest way. Advice?
I want to hide the username and password of the connectionstring. Do I just need to set persistsecurityinfo to false?
View 1 RepliesWe're migrating one of our sites to ASP.Net. We do not want to use integrated security, which uses the windows account to connect to sql server (not going to get into why, its just out of the question). We created a username and password to connect to SQL Server, and would like to use that username and password, however, we also do not want other developers to see this information (easily read from the web.config).... I know it can be encrypted, but it can just as easily be decrypted by the developers - plus encryption has a performance hit.
View 5 RepliesLDAP - directory entry issue with out user and password using impersonate and windows authentication
View 1 RepliesI have a datagrid and I set up the paging based on how many rows there are like this
With dgBookings
.AllowPaging = True
.PagerStyle.Mode = PagerMode.NumericPages
.PagerStyle.PageButtonCount = 5
.PageSize = 5
End With
Is there a way to set the horizontal-align in the code too I tried adding this
.PagerStyle.HorizontalAlign = Right
and I get this errorArgument not specified for parameter 'Length' of 'Public Function Right(str As String, Length As Integer) As String'.
I can recover my password but when I try to change my password to something a bit easier to remember it gives me:
Password incorrect or New Password invalid. New Password length minimum: 7. Non-alphanumeric characters required: 1.
When a user that has their IE set to save passwords hits my "Reset Password" form, the first text box set with TextMode set to "Password" is populated with the users saved password. Understandable, this is not the affect I would like as this is their "old" password. I cannot set the text of a text box with mode set to "Password" (naturally). Does someone know how to suppress or clear this value when IE is saving passwords?
View 4 RepliesDoes anyone has a solution (sample code) for the following features:
Create a randomGuid/Cryptographically strong random number Send a unique URL containing the random number to the user's email address When confirmed, the user is asked to change password
My provider is currently parametrized this way:
[code]....
The security issues with this type of procedure have been discussed here before.
I am using the below post to encrypt and decrypt the password.
ENCRYPT POST
Now my code is working for Encryption. But now what I want is,
When I am using Forgot passwprd functionality, I want to send the decrypted password to the respective user in the Email.
In my database table the password is saved in the Encrypted format.
I have the code decrypt code from the above mentioned post, the question is where to place in the below code so that it will decrypt it properly
Here is my code:-
protected void btnSubmit_Click(object sender, EventArgs e) {
DataSet ds = new DataSet();
using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["DefaultCSRConnection"].ConnectionString)) {
conn.Open();
[Code] ....
My company has some unique password policies (such as a pwd cannot be re-used for 6 months, aside from the must include #, special character, upper & lower case)Can anyone suggest how to go about ensuring that a new user's password complies with these policies (using forms authentication in .net 3.5 framework)?
View 2 RepliesI using change password control, how can i change the password without enter the current password?
View 8 RepliesURL...how we can sending formatted email now in my Login.aspx page i have Textbox that when users forget their password they should type their Username on the textbox and after that click on send button.I want when users click on send button their user name that they type in textbox be on the email that send to me .
View 1 RepliesI'm using the ChangePassword method of membership provider to change the password and one of the requirement before calling the ChangePassword is to retrieve the current password. But I'm getting error:
padding is invalid and cannot be removed
below is my web.config:
[code]....
I have a web form, which is to allow user to reset their password. When I clicked on the button, I got this error
"Input string was not in a correct format."
The code behind the button is:
[Code]....
When the user types in the new password, this new password will be hashed upon clicking the button and saved into the database.
I have written a javascript code for handling the password functionality. The scenario is: when user wants to change the old password, he cannot fill the same old password again. I have written the code. But even the simple alert of blank textbox is not working. See the code for reference:
Javascript code:-
<script type="text/javascript">
function ltrim(str) {
var reg
reg = /^s+/g
return str.replace(reg, "")
}
function rtrim(str) {
[Code] .....
aspx code:-
<tr>
<td class="auto-style1">Old Password</td>
<td class="auto-style2">
<asp:TextBox ID="txtOldPassword" runat="server" TextMode="Password" class="txtcareer"></asp:TextBox>
<asp:RequiredFieldValidator ID="reqtxtOldPassword" ControlToValidate="txtOldPassword" runat="server" ErrorMessage="*"></asp:RequiredFieldValidator>
[Code] ...
Why this is not working...
I had been trying to solve this but there is a hidden key i wish someone point me to.
I had a simple membership database with users in first the Membership Provider configured for clear password to retrieve the original password .
Now a new requirement say that the password must be hashed and reset .
I configure the Membership password to hash , and Implemented the Reset Password Module.
My problem is as follow.
If the user is new registered user with the new configuration the password and the security answer is hashed.
also when I go and reset the password it continue to be hashed.
Now I thought that with new configuration if any previous user with clear text configuration , If he use the password Reset module , because my configuration now is hashed , I expected that the new password and security answer will be hashed . what happen is old user continue in clear text even if the configuration is hashed. so If I had new users everything is fine.
old users Membership Provider somehow know they had been stored in clear text and it keep change password and security answer in clear text . If I delete this user and create it , Membership Provider understand that everything will be hashed. I need to know how it know this , I need to migrate users not to delete and recreate users .
Also if there are no solution for that , I wish Microsoft Consider it in future cause it is a real user scenario, that can happen imagine a business system that related to membership user Id , deleting users and recreate them is not a solution .
I need a control that will accept an email address and password/verify with a password strength indicator.
Has anyone seen a similar type control?