password question

**Leeper77** · Nov 1st, 2000, 08:52 AM

ok i have a general, well not so general question. i am creating a program that is password protected.. there are multiple users. it works just fine by itself. but they want to change there passwords to there own and i dont know exactly how to get this done. I have coded there username and password into the program and was wondering if there is a way to update the code during runtime or at least temp storage and then when they close the program it copies the new password to there variable i will paste my code for the password page since i havent the faintest idea on how to get the change password to work

thanks

Dim mystring As String
Dim title As String
Dim msg As String
Dim reply As Integer
Dim flags As String
Dim laura As String
Dim laurap As String
Dim surveillance As String
Dim surveillancep As String
Dim slots As String
Dim slotsp As String
Dim administrator As String
Dim administratorp As String

Private Sub CmdCancel_Click()
Call cleanscreen
CmdChangePWD.Enabled = False

End Sub
Private Sub CmdChangePWD_Click()
'goes to the password change form username and password is still needed to verify then txtbox for new password will appeaar
frmpassword.Visible = False
frmPasswordChange.Visible = True
frmPasswordChange.txtOldPassword.Text = frmpassword.txtPassword.Text
End Sub
Private Sub cmdEnter_Click()
laura = "laura"
laurap = "aaaa"

surveillance = "surveillance"
surveillancep = "surv"

slots = "slots"
slotsp = "lvd"

administrator = "administrator"
administratorp = "leeper"

mystring = txtEmpID.Text
If txtEmpID.Text = laura And txtPassword.Text = laurap Then
mystring = "Laura"
CmdChangePWD.Enabled = True
Call Welcome

ElseIf txtEmpID.Text = surveillance And txtPassword.Text = surveillancep Then
CmdChangePWD.Enabled = True
mystring = "Surveillance"
Call Welcome

ElseIf txtEmpID.Text = slots And txtPassword.Text = slotsp Then
CmdChangePWD.Enabled = True
mystring = "Slot"
Call Welcome

ElseIf txtEmpID.Text = administrator And txtPassword.Text = administratorp Then
CmdChangePWD.Enabled = True
mystring = "God"
Call Welcome

Else
Text = "Incorrect Password"
msg = "You Have Entered An Incorrect Password"
flags = vbOKOnly
reply = MsgBox(msg, flags, title)
cleanscreen
End If
End Sub
Private Sub CmdExit_Click()
End
End Sub
Private Sub Form_Load()
CmdChangePWD.Enabled = False

End Sub

Private Sub cleanscreen()
txtEmpID.Text = ""
txtPassword.Text = ""
mystring = ""

End Sub

Private Sub Welcome()

Text = "Welcome"
msg = "Welcome Back " & mystring & ""
flags = vbOKOnly
reply = MsgBox(msg, flags, title)
If keyascii = vbOKOnly Then
'cleanscreen
'CmdChangePWD.Enabled = False
End If

End Sub

**paulw** · Nov 1st, 2000, 09:23 AM

You are heading for trouble if you hard code passwords into your program - you need some kind of external data structure to maintain the passwords beyond the lifetime of the program - you either need a file but you do not want plain text or you could use a table in a database.

Your problem is that the passwords are hard coded and even if the user changes the password, that change will be lost when the program ends.

You really need a routine that asks for a username and password via a form and then compares that value against values read from a file, say.

Instead of a lot of If, Else If you could write a function ValidateUser, say that takes in the username and password supplied by the form, validates it and returns a value to indicate whether the user is valid or not.

e.g.

Code:

Function ValidateUser(sUsername as String, sPassword as String) as Boolean

Type UserRecord
  UserName As String * 50
  Password As String * 20
End Type

Dim tCurrentUser As UserRecord
'Code to read password from file
Open "password.dat" For Input As #1
Do While tCurrentUser.UserName <> sUserName
  Get #1, UserRecord	
Loop
Close #1

If sPassword = Trim$(tCurrentUser.Password) Then
  ValidateUser = True
Else
  ValidateUser = False
End If

End Function

You would use this function thus:

Code:

If ValidateUser("Paul", "Whitfield") Then
  MsgBox "Welcome"
  'enter code...
Else
  MsgBox "Buzz Off"
  'go away code
End If

You would replace "Paul" and "Whitfield" with variables set to the current user name and password.

The BIG problem with all this is that the passwords are in plain text. You would also need to write a routine to update the password. Like ValidateUser but use PUT to write to the file...

I am not sure how you encrypt stuff, but if it is a low security app and you just want to keep out mischief makers then this will do.

Hope it helps.

Cheers,

Paul

**Leeper77** · Nov 1st, 2000, 09:33 AM

ok...

what i would like to do is use a mdb but not entirely sure on how to code that part of it??? not sure how it will go? any help would be greatful
and its a little fun project for me thas about it

**Lafor** · Nov 1st, 2000, 09:39 AM

just an alternative

R u using SQL Server?
R they using the same password? And if they change it, do
they want the pwd on the server to be changed as well?

If not

Create a simple table, 'PWDTable' with say 4 fields
UserName, Password, DateModified, ModifiedByUser

Enter their original passwords in the table, possibly
via a small enter/edit screen

Then should a user choose to change a pwd

update PWDTable
set Password = whatever
where UserName = Whatever

Now, if using Access, make the pwd field an actual PASSWORD field so that no one can see what it is even if they open the table or do a select on it..

good luck

**Leeper77** · Nov 1st, 2000, 09:42 AM

i wish i could have sql server but nope jus have access

**D12Bit** · Nov 1st, 2000, 10:34 AM

Hello, it´s almost the same sql statment that you need just
having access, because the connection is established let´s
say with ADO no matter where the database is stored.

Saludos...

**Leeper77** · Nov 1st, 2000, 10:41 AM

i have never used ado? need a tutorial or some help

**paulw** · Nov 1st, 2000, 10:58 AM

Can't do it now, I'll get back to it in the a.m. (London time).

Cheers,

Paul.

**Leeper77** · Nov 1st, 2000, 11:25 AM

sounds like a plan

**Lafor** · Nov 1st, 2000, 11:28 AM

First, Create a table in Access with these fields I indicated

Fill it in with a couple of values...

and tell us when u;re done

**marnitzg** · Nov 1st, 2000, 02:12 PM

Just as a general statement here. Never hard code any passwords into your program. If someone knows how to use the debug function they can grab your password straight out of the exe with debug. Its comes up as big fat text!

Nov 1st, 2000, 02:37 PM

i used a textfile that i encrypt so the "ordinary"
user cannot read it (the password)

i used about three textboxes :
one to enter their current password
the next two to validate their new password
and then write the new password back (encrypted)
to the textfile again, unless they didn't type
the present password correctly.

Code:

'small example:
FileNumber = FreeFile()
If Text2 = Text3 Then
    Open FILE For Output As FileNumber
    Print FileNumber, EnCrypt(Text3)
    Close #FileNumber
    MsgBox "Password successfully changed!", vbInformation, "Updated"
    Text2 = ""
    Text3 = ""
    'password changed; close program
    Unload Me
Else
    Close #FileNumber
    MsgBox "Typed incorrectly, please re-enter password"
    Text3 = ""
    Text2 = ""
    Text2.SetFocus
End If

**Asaf_99** · Nov 1st, 2000, 03:19 PM

I know this desn't do anything with the question but instead declaring tons of stings use:

Code:

Dim A(1 to x) As String
'replace x with the number of stings you want.

Edited to add "As String"

Thread: password question

Thread Tools

Display

Passwords - hmmm

re

...

no sql

With Access the same

ado

Passwords

works for me

..

Posting Permissions