password requirements

B

Bryan Harrington

Hello.. I'm trying to come up with a good way to have password requirements
(i.e., length, Upper/Lower case mix, x number of Alpha, x number of numeric,
etc.) configurable by installed site.

The two customers that I'm working with on this app right now have 2 very
different password requirements, I'd rather not have to re-write the signup
and login page for each customer.

I'm working in classic ASP, but .. ASP.NET is not out of the question.

Does anyone have any good insight? Good links?

Thanks!
 
D

Dan Brussee

Hello.. I'm trying to come up with a good way to have password requirements
(i.e., length, Upper/Lower case mix, x number of Alpha, x number of numeric,
etc.) configurable by installed site.

The two customers that I'm working with on this app right now have 2 very
different password requirements, I'd rather not have to re-write the signup
and login page for each customer.

I'm working in classic ASP, but .. ASP.NET is not out of the question.
Click to expand...

Write the code to support any number of these types of requirements
and set flags in the database to require any number of them...

MinLength = 0 ' No minimum length
MinLength = 10 ' at least 10 chars long
ReqireMixCase = True
RequireDigits = True
RequireChars = True
RequireNonAlphaChars = True
ExpirationDays = 0 ' No expiration
ReminderDays = 0 ' No reminder period
AllowSpaces = False

etc, etc
 
R

Rob Meade

...

[..snip..]

I'd concur on Dans posting with regards to this - we've written a single
login application (if you can call it an application as such) for our secure
applications within our organisation in the NHS.

We have the same as Dan points out along with whether or not special
characters are allowed on so on - it means you can customise it per
application/client or whatever...

Regards

Rob
 
B

Bryan Harrington

So do you then create RegExp on the fly based on whats in the database? Or
are you using a series of functions and a series of

if x = y then go do function z?

Thanks!
 
R

Rob Meade

...
So do you then create RegExp on the fly based on whats in the database? Or
are you using a series of functions and a series of

if x = y then go do function z?
Click to expand...

In what we use I have a series of If...Then's - because I have no idea how
to us regular expressions :D

With ours I also set error flags and messages to send back to the form to -
which is quite handy to give the users an idea of whats gone wrong and why

My.Pa55w0rD

isn't valid :eek:)

Regards

Rob
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Different password policies for different roles 1
ASP regular expression check for password needing numerals and characters 1
RegularExpression Validation for password in ASP.NET 5
Classic ASP and Web Services that are password protected 1
Password Validation 1
Password Validation 2
Net::SSH2 - Authentication without a password? 0
RegEx DataValidation Help 5

Members online

Total: 53 (members: 3, guests: 50)
Robots: 461

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top