AnsweredAssumed Answered

Hiding Password Entry

Question asked by jamest on Mar 18, 2012
Latest reply on Mar 22, 2012 by jormond

I'm trying to find an answer to the problem of hiding password during entry in web accessed FM DBs.

 

I am building a database to be served on the web which must contain high security. I can't use LDAP authentication because users come from external entities to access the database. I must enforce a password policy though as is required by audit process. I use a global field to enter the password and immediately clear it after setting it to a local variable. The passwords aren't being stored in a table, I'm using FM Security for that, though I need to validate user's passwords before they change them to ensure they conform to policy. I have a layout to capture a user's current password, new pass and confirm pass. I would like to hide the passwords as they type on the layout, similar to a bullet or asterix. As the DB is web served I can't use dialog boxes.

 

I run a series of scripts at startup to check if the user is logging in for the first time/ needs to change their password because it has expired.

 

If this is not possible should I just run the change password stuff through a web page? If so is it possible to pull the result from a form without an SQL backend, or should I attempt to develop a user database to connect to via ODBC? Thank you for any help with this.

 

James

Outcomes