Post reply

password issue

  • May 10, 2012 at 9:36 pm

    #392232

    hi all, i am working on password manage ment project,

    there is a login page on my application, where the user enters the user name and password

    tthe password get encrypted in sha 256 hash and match the value of hash with already saved hash password for that user.

    when both hashes are matched then user is allowed for login. there is a password change page where user can change its password and the new password hash is saved in table.

    the same code is called for bot hashing and this is written in java.

    now there is some module enhancement where we need that when user does not login for 3 dayus then its account is locked and

    need to reset by admin. the problem arises here i write a clr code that converts a string to

    sha 256 hash and call it in proc, after reset the passoword when user tries to enter in application

    it returns error that invalid password , becasue there are some mismacth in java hashing that is applies on front end of application and the clr hashing .

    please suggets the best way that i can use.

  • May 11, 2012 at 12:11 am

    #1486106

    keep it easy.

    Just ad a column to manage the user status.

    enabled/disabled/suspended/blocked

    This way your "check non-active 3days" application only has to put the column to the value that goes for blocked and your 'administrator' only has to re-enable that account.

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • May 11, 2012 at 12:36 am

    #1486110

    pnpsql (5/10/2012)

    now there is some module enhancement where we need that when user does not login for 3 dayus then its account is locked

    One concern there... What about a long weekend (like easter or when christmas falls on a friday)? Every account will be locked out the next week. Lots of work for an admin.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply