Validate username/password combination

E

Ellis

Member
Joined
Mar 10, 2003
Messages
15
Location
England, United Kingdom
I know its not possible to get the password from NT, but is it possible in dot net to validate whether a username/password combination is correct.

Any help would be greatly appreciated.
 
If theyre logged in under a certain username you can assume that they gave their correct password. :)

You can use the Environment.UserName method to see which user is currently logged in.
 
The reason im after this is if a user left there machine logged on and left their pc running. I dont want another user to be able to log into the application, hence requesting the user to validate there username and password again.

Im not sure if it can be done.

I do have a log on form at the moment that uses Environment.UserName, but I was after something a little more secure.

Any help would be much appreciated.
 
Educate your users to not leave their machines logged on and then wander off somewhere. Encourage them to lock their workstations when they are away.

After all there is nothing to stop the user leaving the computer logged on AND logged in to your application.

Treat this the same way you would treat a user giving their name / password to another person i.e. a security threat.
 
If your users are stupid enough to leave their computer logged in when they leave, then theyre stupid enough to leave your program running after theyre logged in when they leave as well.
 
Im just looking into this password thing and note you mention the use of Environment.UserName to see who is logged.

I use this method in an Access97 app I wrote and would probably do the same with .NET.

However, in the Access97 app I have hard coded the allowed user names into the app of those who are allowed access to certain parts of the app.

Is there a way to have an external lookup of allowed users for my .NET app which I can maintain but no other person using the app can see or modify?

If I have it in an external lookup file for example then the user would require access to it when my app tries to verify them, which would mean they could access this file via other means, explorer for example.

Any ideas?
 
dont worry about this as I have found a good post on this site....see my next post
 

Similar threads

S
Read CSV file
Replies
0
Views
63
sva0008
S
C
1Password just made password sharing a lot safer
Replies
0
Views
128
Chris Smith
C
C
Google just fixed the worst thing about dealing with hacked passwords
Replies
0
Views
82
Chris Smith
C
J
Validate if string exist in txt file and update previously used txt file
Replies
0
Views
128
jazz1010
J
C
1Password’s brilliant new security feature lets you hide your email
Replies
0
Views
105
Chris Smith
C
Back
Top