password requirements

Discussion in 'ASP General' started by Bryan Harrington, Nov 24, 2003.

  1. Hello.. I'm trying to come up with a good way to have password requirements
    (i.e., length, Upper/Lower case mix, x number of Alpha, x number of numeric,
    etc.) configurable by installed site.

    The two customers that I'm working with on this app right now have 2 very
    different password requirements, I'd rather not have to re-write the signup
    and login page for each customer.

    I'm working in classic ASP, but .. ASP.NET is not out of the question.

    Does anyone have any good insight? Good links?

    Thanks!
     
    Bryan Harrington, Nov 24, 2003
    #1
    1. Advertising

  2. Bryan Harrington

    Dan Brussee Guest

    On Mon, 24 Nov 2003 16:53:41 -0500, "Bryan Harrington"
    <> wrote:

    >Hello.. I'm trying to come up with a good way to have password requirements
    >(i.e., length, Upper/Lower case mix, x number of Alpha, x number of numeric,
    >etc.) configurable by installed site.
    >
    >The two customers that I'm working with on this app right now have 2 very
    >different password requirements, I'd rather not have to re-write the signup
    >and login page for each customer.
    >
    >I'm working in classic ASP, but .. ASP.NET is not out of the question.
    >


    Write the code to support any number of these types of requirements
    and set flags in the database to require any number of them...

    MinLength = 0 ' No minimum length
    MinLength = 10 ' at least 10 chars long
    ReqireMixCase = True
    RequireDigits = True
    RequireChars = True
    RequireNonAlphaChars = True
    ExpirationDays = 0 ' No expiration
    ReminderDays = 0 ' No reminder period
    AllowSpaces = False

    etc, etc
     
    Dan Brussee, Nov 25, 2003
    #2
    1. Advertising

  3. Bryan Harrington

    Rob Meade Guest

    "Bryan Harrington" wrote ...

    [..snip..]

    I'd concur on Dans posting with regards to this - we've written a single
    login application (if you can call it an application as such) for our secure
    applications within our organisation in the NHS.

    We have the same as Dan points out along with whether or not special
    characters are allowed on so on - it means you can customise it per
    application/client or whatever...

    Regards

    Rob
     
    Rob Meade, Nov 25, 2003
    #3
  4. So do you then create RegExp on the fly based on whats in the database? Or
    are you using a series of functions and a series of

    if x = y then go do function z?

    Thanks!


    "Dan Brussee" <> wrote in message
    news:...
    > On Mon, 24 Nov 2003 16:53:41 -0500, "Bryan Harrington"
    > <> wrote:
    >
    > >Hello.. I'm trying to come up with a good way to have password

    requirements
    > >(i.e., length, Upper/Lower case mix, x number of Alpha, x number of

    numeric,
    > >etc.) configurable by installed site.
    > >
    > >The two customers that I'm working with on this app right now have 2 very
    > >different password requirements, I'd rather not have to re-write the

    signup
    > >and login page for each customer.
    > >
    > >I'm working in classic ASP, but .. ASP.NET is not out of the question.
    > >

    >
    > Write the code to support any number of these types of requirements
    > and set flags in the database to require any number of them...
    >
    > MinLength = 0 ' No minimum length
    > MinLength = 10 ' at least 10 chars long
    > ReqireMixCase = True
    > RequireDigits = True
    > RequireChars = True
    > RequireNonAlphaChars = True
    > ExpirationDays = 0 ' No expiration
    > ReminderDays = 0 ' No reminder period
    > AllowSpaces = False
    >
    > etc, etc
    >
     
    Bryan Harrington, Nov 25, 2003
    #4
  5. Bryan Harrington

    Rob Meade Guest

    "Bryan Harrington" wrote ...

    > So do you then create RegExp on the fly based on whats in the database? Or
    > are you using a series of functions and a series of
    >
    > if x = y then go do function z?


    In what we use I have a series of If...Then's - because I have no idea how
    to us regular expressions :D

    With ours I also set error flags and messages to send back to the form to -
    which is quite handy to give the users an idea of whats gone wrong and why

    My.Pa55w0rD

    isn't valid :eek:)

    Regards

    Rob
     
    Rob Meade, Nov 25, 2003
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Paul
    Replies:
    3
    Views:
    626
  2. AAaron123
    Replies:
    2
    Views:
    2,365
    AAaron123
    Jan 16, 2009
  3. AAaron123
    Replies:
    1
    Views:
    1,420
    Oriane
    Jan 16, 2009
  4. David C. Holley

    Password Requirements

    David C. Holley, Mar 6, 2004, in forum: ASP General
    Replies:
    5
    Views:
    135
    David Holley
    Mar 7, 2004
  5. Replies:
    7
    Views:
    246
    Matthias Reuter
    May 29, 2009
Loading...

Share This Page