4 Replies Latest reply on Aug 27, 2014 6:58 AM by mikebeargie

    masking password

    ankurdw

      please give me logic for converting a text into cypher text in password field.

       

      meant i want that when someone enter his password then it shows in masking value eg. "12345" is shown as "*****".

       

      I tried a lot but it didn't work , i use replace function associated with some text function like as Right or Left but i didn't got the result.

        • 1. Re: masking password
          jimfeuerstein

          ankurdw,

           

          Are you using a Custom Dialog for this? If so, notice that you have the option to 'Use password character' in input fields. There's a checkbox immediately below the input field 'Specify' button.

           

          - Jim

          • 2. Re: masking password
            coherentkris

            ankurdw,

            Please make sure you research the security implications of storing authentication information in FileMaker tables. Homegrown security systems are problematic at best and It's not reccomended practice for many reasons. Of course if your not doing that then ignore my post.

            • 3. Re: masking password
              keywords

              Take a look at this demo on Ray Cologon's NightWing website:  http://www.nightwing.com.au/FileMaker/demosX/demoX05.html

              • 4. Re: masking password
                mikebeargie

                One "hack" I saw at one time was to use a custom font on the password field that just had every character replaced with asterisks. It was vulnerable to copying and pasting a password out, but for generic masked entry it worked great.

                 

                With the custom dialog script step's option to mask password entry now, that's the easiest way to go, but a dialog box can be more annoying than staying on a layout and typing in a field.

                 

                You can also do a trigger script, OnObjectKeystroke, to replace characters with *, however if you want to "store" the password value then, you have to add to that trigger to "build" the password into another hidden field before you do the replace.

                 

                My calculation would be something like this:

                 

                Let([

                   p = length(table::password);

                   str = "******************************" //Make this a bunch of asterisks equal to your max password length

                ];

                  left ( str ; p )

                )

                 

                or even simpler this:

                 

                left (table::password; length(table::password) - 1) & "*"

                 

                My script would look something like:

                 

                If ( backspace was pressed )

                  set field [ table::hiddenpassword | left ( table::hiddenpassword ; length ( table::hiddenpassword ) - 1 ) ]

                  set field [ table::entrypassword | left ( table::entrypassword ; length ( table::entrypassword ) - 1 ) ]

                else if (enter or return button was pressed)

                  perform validation script

                else

                  set field [ table::hiddenpassword | table::hiddenpassword & right ( table::entrypassword ; 1 ) ]

                  set field [ table::entrypassword | left (table::entrypassword; length(table::entrypassword) - 1) & "*" ]

                end if

                Go back to cursor in entrypassword field

                 

                You can keep making this a bit more elegant, EG storing the password as a virtual value instead of in a field, but that's the basic premise.

                1 of 1 people found this helpful