Password expiration good practice.

Discussion in 'ASP .Net Security' started by Mathieu Pagé, Jan 8, 2008.

  1. Hi,

    In my ASP.NET application I want the password to expires after some
    time. When a user sign in and his password is expired I automatically
    send him to the change password page with a message explaining why he is
    required to change his password.

    What I want to do is prevent him to browse to any other page (whether by
    using a link or by entering an other page URL in his browser) before his
    password has been changed.

    The only way I can think of, and I don't like it, is to check in the
    OnLoad of every pages if the password is not expired and redirect the
    user if it is.

    Since this a common scenario, I suppose there is some etablished "good
    practices" already know to deal with this problem. So i'm here, asking
    you : Is there an elegant way to prevent a logged user from browsing my
    site before he change his password?

    Thanks in advance,

    Mathieu Pagé
     
    Mathieu Pagé, Jan 8, 2008
    #1
    1. Advertising

  2. On Jan 8, 4:05 pm, Mathieu Pagé <mathieu.page@_SPAMNOT_csfinc.com>
    wrote:
    > ...to check in the
    > OnLoad of every pages if the password is not expired and redirect the
    > user if it is.


    Mathieu, I think it should be done after the login process, e.g. in
    the login.aspx only. After authenticating user you will check if
    password is expired, or not and if it is expired he/she should be
    redirected to the "renew password" form.
     
    Alexey Smirnov, Jan 14, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. vlsidesign
    Replies:
    26
    Views:
    1,042
    Keith Thompson
    Jan 2, 2007
  2. SM
    Replies:
    9
    Views:
    529
  3. AAaron123
    Replies:
    2
    Views:
    2,363
    AAaron123
    Jan 16, 2009
  4. AAaron123
    Replies:
    1
    Views:
    1,418
    Oriane
    Jan 16, 2009
  5. J
    Replies:
    1
    Views:
    601
    Joe Kaplan
    Jul 5, 2007
Loading...

Share This Page