Ellis Posted May 19, 2003 Posted May 19, 2003 I know it's not possible to get the password from NT, but is it possible in dot net to validate whether a username/password combination is correct. Any help would be greatly appreciated. Quote
wyrd Posted May 19, 2003 Posted May 19, 2003 If they're logged in under a certain username you can assume that they gave their correct password. :) You can use the Environment.UserName method to see which user is currently logged in. Quote Gamer extraordinaire. Programmer wannabe.
Ellis Posted May 20, 2003 Author Posted May 20, 2003 The reason im after this is if a user left there machine logged on and left their pc running. I dont want another user to be able to log into the application, hence requesting the user to validate there username and password again. Im not sure if it can be done. I do have a log on form at the moment that uses Environment.UserName, but I was after something a little more secure. Any help would be much appreciated. Quote
Administrators PlausiblyDamp Posted May 20, 2003 Administrators Posted May 20, 2003 Educate your users to not leave their machines logged on and then wander off somewhere. Encourage them to lock their workstations when they are away. After all there is nothing to stop the user leaving the computer logged on AND logged in to your application. Treat this the same way you would treat a user giving their name / password to another person i.e. a security threat. Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
wyrd Posted May 20, 2003 Posted May 20, 2003 If your users are stupid enough to leave their computer logged in when they leave, then they're stupid enough to leave your program running after they're logged in when they leave as well. Quote Gamer extraordinaire. Programmer wannabe.
hog Posted May 29, 2003 Posted May 29, 2003 I'm just looking into this password thing and note you mention the use of Environment.UserName to see who is logged. I use this method in an Access97 app I wrote and would probably do the same with .NET. However, in the Access97 app I have hard coded the allowed user names into the app of those who are allowed access to certain parts of the app. Is there a way to have an external lookup of allowed users for my .NET app which I can maintain but no other person using the app can see or modify? If I have it in an external lookup file for example then the user would require access to it when my app tries to verify them, which would mean they could access this file via other means, explorer for example. Any ideas? Quote My website
hog Posted May 29, 2003 Posted May 29, 2003 don't worry about this as I have found a good post on this site....see my next post Quote My website
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.