Re: wrong authentication

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 17915
interpreted = N
texte = >>>Are there any known problems/limitations with the what a >>>username/password should be ? >> >>A good rule of thumb is to *never* use anything else than US-ASCII (a-z and >>0-9) in IDs and passwords. Other chars is translated differently depending >>of what charset the browser is set to use. >The problem is that I am building username and password on the fly based >on what a user enters in a form. So they may type foreign chars in their >name. The password is OK because I build it with random numbers.You can strip high ASCII by using a [CONVERTCHARS] context and use a US-ASCII conversions.db. Do so and give the user their username on the same page as you give them their password. It is also a good idea to [UPPERCASE] IDs both when they are entered and read making the ID case insensitive. ************************************************************* Christer Olsson Stora Nygatan 21 Phone +46 40 791 50 Art director S-211 37 Malmoe Fax +46 40 97 99 77 Ljusa Ideer AB Sweden http://www.ljusaideer.se Associated Messages, from the most recent to the oldest:

    
  1. Re: wrong authentication (Laurent Pladys 1998)
  2. Re: wrong authentication (Laurent Pladys 1998)
  3. Re: wrong authentication (Christer Olsson 1998)
  4. Re: wrong authentication (Christer Olsson 1998)
  5. wrong authentication (Laurent Pladys 1998)
  6. Re: wrong authentication (Kenneth Grome 1998)
>>>Are there any known problems/limitations with the what a >>>username/password should be ? >> >>A good rule of thumb is to *never* use anything else than US-ASCII (a-z and >>0-9) in IDs and passwords. Other chars is translated differently depending >>of what charset the browser is set to use. >The problem is that I am building username and password on the fly based >on what a user enters in a form. So they may type foreign chars in their >name. The password is OK because I build it with random numbers.You can strip high ASCII by using a [convertchars] context and use a US-ASCII conversions.db. Do so and give the user their username on the same page as you give them their password. It is also a good idea to [uppercase] IDs both when they are entered and read making the ID case insensitive. ************************************************************* Christer Olsson Stora Nygatan 21 Phone +46 40 791 50 Art director S-211 37 Malmoe Fax +46 40 97 99 77 Ljusa Ideer AB Sweden http://www.ljusaideer.se Christer Olsson

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

emailer settings and control questions (1997) problems with 2 tags shakur (1997) RE: Include (1998) Credit Card Processing (2000) [WebDNA] WebDNA news and projects (2014) Re:Searching for ALL / empty form field (1997) Help! WebCat2 bug (1997) Dr. Watson Error (1998) no global [username] or [password] displayed ... (1997) Possible Bug in 2.0b15.acgi (1997) suffix mapping for NT? (1997) WebCatalog and WebMerchant reviewed by InfoWorld (1997) [searchString] (1997) Re[3]: Field Problem (2000) No luck with taxes (1997) user/password validation (1998) Digest for 09-30-97 (1997) WebCat2 Append problem (B14Macacgi) (1997) Using [showif] within [lineitems] (2000) _ in front of field name (1998)