Results 1 to 4 of 4
  1. #1
    Join Date
    Feb 2003
    Location
    Ontario, Canada
    Posts
    19

    Unanswered: Another question

    Hi,

    I am new to VB6, in fact I'm trying to teach myself how to use it.
    Here is my problem. I am trying to code a login screen. The screen has one input field along with a login button and a cancel button.
    I want to verify the password with the password stored in the Password table in access. There is only one field in the table(Password) and there will only ever be 1 record. Also I would like to have the password appear in asteriks as the user is typing it in.

    Here is what I've got so far:

    Dim dbCon As ADODB.Connection
    Dim dbCom As ADODB.Command
    Dim commandString As String

    Private Sub btnCancel_Click()
    frmLogin.Hide
    frmMainMenu.Show
    End Sub

    Private Sub btnLogin_Click()
    Dim passwd As String
    Set dbCon = New ADODB.Connection
    Set dbCon = New ADODB.Connection
    Set dbCom = New ADODB.Command
    On Error GoTo ErrorHandler
    dbCon.Open (dbConnectionModule.GetConnectionString)
    Set dbCom.ActiveConnection = dbCon

    Set rsPassword = Server.dbCon("ADODB.Recordset")
    rsPassword.Open "Select Password From Password"

    passwd = rsPassword("Password")

    If txtPassword.Text <> passwd Then
    MsgBox "Please enter a valid password"
    Else
    dbCom.Execute
    dbCon.Close
    frmLogin.Hide
    frmManagementTools.Show
    End If
    Exit Sub
    ErrorHandler:
    MsgBox Err.Description
    If dbCon.State = adStateOpen Then 'Check the open state of the connection
    dbCon.Close 'If it is open then close it
    End If
    End Sub

    Any suggestions will be greatly appreciate,

    Thanks in advance!!

  2. #2
    Join Date
    Jul 2001
    Location
    NC
    Posts
    102
    If you are going to have only one password, why store it in a table? It would be far easier to store the password as a constant or string in the routine that reads the password textbox. Then all you have do is use an IF statement such as "if data in password textbox is not exactly equal to my password then end program else continue." Also the program will be much faster. Some programmers encrypt "master" passwords and store them in the system registry, and place the more numerous "user" passwords in hidden or protected tables. If you use a textbox for dataentry, set the "password char" property "*" to hide the data as it's being entered.

  3. #3
    Join Date
    Feb 2002
    Posts
    2,232
    The problem with the password being stored in the registry is that it would have to be stored in every registry that accessed the database - plus if you allowed the password to be modified that would create problems. The problem with access is that it is not secure - sure you can encrypt and password it but that is it. The other item I would add is a maximum number of attempts at the password - then lock it.

  4. #4
    Join Date
    Feb 2003
    Location
    Ontario, Canada
    Posts
    19
    The reason we are storing it in a table is because we want the ability to change the password whenever we want. But thank you for the suggestion.


    Originally posted by vududoc
    If you are going to have only one password, why store it in a table? It would be far easier to store the password as a constant or string in the routine that reads the password textbox. Then all you have do is use an IF statement such as "if data in password textbox is not exactly equal to my password then end program else continue." Also the program will be much faster. Some programmers encrypt "master" passwords and store them in the system registry, and place the more numerous "user" passwords in hidden or protected tables. If you use a textbox for dataentry, set the "password char" property "*" to hide the data as it's being entered.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •