I'm trying to find an answer to the problem of hiding password during entry in web accessed FM DBs.
I am building a database to be served on the web which must contain high security. I can't use LDAP authentication because users come from external entities to access the database. I must enforce a password policy though as is required by audit process. I use a global field to enter the password and immediately clear it after setting it to a local variable. The passwords aren't being stored in a table, I'm using FM Security for that, though I need to validate user's passwords before they change them to ensure they conform to policy. I have a layout to capture a user's current password, new pass and confirm pass. I would like to hide the passwords as they type on the layout, similar to a bullet or asterix. As the DB is web served I can't use dialog boxes.
I run a series of scripts at startup to check if the user is logging in for the first time/ needs to change their password because it has expired.
If this is not possible should I just run the change password stuff through a web page? If so is it possible to pull the result from a form without an SQL backend, or should I attempt to develop a user database to connect to via ODBC? Thank you for any help with this.