[RESOLVED] [2005] is there a common tool to generate complex passwords?
Is there a tool integrated with asp.net 2.0 to generate complex password? , otherwise, if nothing is integrated with .Net 2.0, what s usually used in good pratices?
The passwords re gonna be used for sql server logins. Those re the same logins we put in our connection strings to access Sql Server databases.
What I need, Instead of just picking ordinary easy passwords for my DB logins, I want those password to be generated in a complex value, then we ll put the generated complex passwords in both the conncetionstring and the sql server login credentials.
thanks
Re: [2005] is there a common tool to generate complex passwords?
Re: [2005] is there a common tool to generate complex passwords?
Re: [2005] is there a common tool to generate complex passwords?
No problem, add resolved if that was what you were looking for.
Re: [2005] is there a common tool to generate complex passwords?
Sorry Mendhak, I misled u (by careless answer). the tool u suggested only works in conjunction with the registery. Me, I don t want to store anything in the registery.
To solve my issue, I used MemberShip.generatePassword
I guess the issue is resolved through that. But let me know if u have any thing else in mind.
Take care :)
Re: [RESOLVED] [2005] is there a common tool to generate complex passwords?
You mentioned
Quote:
The passwords re gonna be used for sql server logins.
so I don't see how this is going to help you as this would then be generated at runtime.
Re: [RESOLVED] [2005] is there a common tool to generate complex passwords?
good remarque.
Here s the deal & pls tell me what u think about this design or if i didnt express myself well:
we use windows authentication in our web apps, and we use single sql login for each app to access the DB (I guess it s called sql authentication). The passwords for sql server logins are gonna be stored in the connectionstrings of each app, right?
I want those passwords to be genrated automatically in a complex way. That s where comes the new application : "password generator" that I built just to generate complex passwords.
When ever we add a new web application, we create a sql login, then we ll use the "password generator" application, to generate a pw for the sql login, then the "password generator" encrypts the pw before it stores it in the passwords DataBase. At the same time, the "password generator" app returns the plain password that was generated (non encrypted). Then we copy that password manually and paste it in the connectionstring of the added application. Then we ll use : Aspnet_reg.exe to encrypt the connectionstring itself.
is this good?
2/ I was thinking also of using the membership database to create the sql logins and encrypt passwords for each web app that we use, instead of creating a new DB to store the apps sql credentials and instead of building the encryption classes from scratch using (cryptoservices) which I did. I think Membership class does all that automatically, but I don t know if it d be good idea, especially that w dont use Formauthentication for the applications, but a single login for sql server access. What I am asking is: is it worth creating a single sql login per application in the membership database? my understanding was that we use membership DB mainly for forms authentication where we ll have many users accessing the same web app, right?
Those same passwords,
Re: [RESOLVED] [2005] is there a common tool to generate complex passwords?
So after your app generates the password, you're going to have it stored in your connection string and another database? This is a password used by an application so storing the password in the database that it wants to connect to doesn't make sense, it does make sense if you create a sql login for that application with that password and then use that username/password in your connection string.
Are you essentially trying to write software that replaces the function/job of a DBA?