changing the password 1

[chaosguy]

Hey guy, I was sorta wonderign if anyone can help me with something. I have a form that prompts the user for a password then if they get it correct opens up a form. However, i need to make another form that allows the user to change the password.

the code i used was

Private Sub Log_in_Click()
If Me.Password = "oel" Then
DoCmd.Close
DoCmd.OpenForm "Supplier Info"
Else
MsgBox "The password you have entered is incorrect"
End If

End Sub


i need not a code to would change that code from oel to something else? can anyone help?
I looked in the forum and FAQ and i didn't find anyting, i just hope i didn't spam cause this seems like a pretty easy task to do. thank u guy

A quick response would be appreciated

chaosguy - To die will be an awefully big adventure!!!

 

[Ed2020]

Chaosguy,

First you need to create a single field table to store the password in. Name the table "tblPassword" and the field "Password".

Now change your current code to the following:

Private Sub Log_in_Click()
If Me.Password = Dlookup("Password","tblPassword") Then
DoCmd.Close
DoCmd.OpenForm "Supplier Info"
Else
MsgBox "The password you have entered is incorrect"
End If
End Sub

Create a new form with a textbox called txtNewPass and a command button called cmdChangePass.

Put the follwing code behind the command button's On_Click event:

Private Sub cmdChangePass_Click()
Dim ThisDB As DAO.Database
Dim rstPassword As DAO.Recordset

If IsNull(Me.txtNewPass.Value) Then
MsgBox "You must enter a password before saving changes.", vbExclamation, "Password Not Changed."
Else
Set ThisDB = CurrentDb()
Set rstPassword = ThisDB.OpenRecordset("tblPassword", dbOpenDynaset)

ThisDB.Execute "DELETE * FROM tblPassword;", dbFailOnError 'Clear table to ensure only one password

With rstPassword
.AddNew
!Password = Me.txtNewPass.Value
.Update
End With

rstPassword.Close
ThisDB.Close
Set rstPassword = Nothing
Set ThisDB = Nothing
End If
End Sub

Ed Metcalfe



Please do not feed the trolls.....

 

[Ed2020]

As an additional security measure I would set the Input Mask property of the txtNewPass textbox to "Password" so the user's new password is masked with asterisks.

Ed Metcalfe.

Please do not feed the trolls.....

 

[jrbarnett]

What you will need to do is to store the password in a table within the database.

Your password checking routine needs to compare what the user types in with the stored password, and either allow access or display a "Wrong Password" message.

Your change password screen merely has to update the stored password.

Dependent on the sensitivity of the information within the system, you would probably want to encrypt the stored password using a simple algorithm, and to hide the table it is stored in from easy viewing.
You would also certainly want to MDE or secure the form that includes the encryption or decryption routines for the copy that is accessed by your users to stop anybody looking up where it is stored or how to decode it.

John

 

[Ed2020]

Oh, and a confirmation message that the password was successfully changed would be good too.

Ed Metcalfe.

Please do not feed the trolls.....

 

[chaosguy]

jrbarnet and especially ed metcalfe, thank you so much. It was shocking that I got an reply so quickly and everything, it's awesome. i was wondering tho, if like the "change password" for could like have a text box to enter the current password, and an extra text box as well to more or less varify that they entered the pwd they wanted. so they would more or less compare the two new password, then see if the current password box has the real password before it can be changed.

I already created the pable and everything and it works fine, well the same actually, lol. thank u

Chaosguy - To die would be an awefully big adventure.

 

[Ed2020]

Chaosguy,

Add a new textbox to your password change form called "txtCurrentPass".

Modify the code behind the cmdChangePass_Click event to the following:

Private Sub cmdChangePass_Click()
Dim ThisDB As DAO.Database
Dim rstPassword As DAO.Recordset

If IsNull(Me.txtCurrentPass.Value) Then
MsgBox "You must enter the current password before changing.", vbExclamation, "Password Not Changed."
ElseIf IsNull(Me.txtNewPass.Value) Then
MsgBox "You must enter a password before saving changes.", vbExclamation, "Password Not Changed."
ElseIf Me.CurrentPass.Value <> Dlookup("Password","tblPassword") Then
MsgBox "The current password you have entered is incorrect.", vbExclamation, "Password Not Changed."
Else
Set ThisDB = CurrentDb()
Set rstPassword = ThisDB.OpenRecordset("tblPassword", dbOpenDynaset)

ThisDB.Execute "DELETE * FROM tblPassword;", dbFailOnError 'Clear table to ensure only one password

With rstPassword
.AddNew
!Password = Me.txtNewPass.Value
.Update
End With

rstPassword.Close
ThisDB.Close
Set rstPassword = Nothing
Set ThisDB = Nothing
End If
End Sub

Ed Metcalfe

Please do not feed the trolls.....

 

[Ed2020]

PS - You do need to bear in mind that, unless this database is secured to prevent users accessing the DB window to open tblPassword, then most of this code is pretty pointless. Anyone could just open the table and retrieve the password details.

Ed Metcalfe.

Please do not feed the trolls.....

 

[chaosguy]

Thank you again Ed, and don't worry, I plan to take some sorta measure to hide or secure the database table. thank u so much.

tik-tips is the best

Chaosguy - To die would be an awefully big adventure.

 

[Ed2020]

ChaosGuy,

A few things you need to do to secure your database (without these I would not consider the database as secure as it can be):

1. Implement user-level security.
2. Make it an MDE file (but make sure you keep your MDB for future development).
3. Disable Shift key bypass.
4. Disable Ctrl+Break.
5. Hide the database window and disable F11.
6. As an additional measure I also like to ensure users can only open the database in Runtime Access, however this is probably not so necessary if you are releasing an MDE.

Ed Metcalfe.

Please do not feed the trolls.....

 

[chaosguy]

Thanks Ed, when I get to that I'll keep in mind those recommendations.

Anyways for those persons that wanted a form sorta like mines, here's the code i used, I had to edit it a little and iron out a few bugs, nothing big, Buty the code works great with my access 2003, if ya have a earlier version, idk.

I made extra text box called "Currentpasscheck". I also took out the cmd and txt from some the names. It works great and does what u want .

Please do not feed the trolls like Ed said :S

Private Sub ChangePass_Click()
Dim ThisDB As DAO.Database
Dim rstPassword As DAO.Recordset

If IsNull(Me.CurrentPass.Value) Then
MsgBox "You must enter the current password before changing.", vbExclamation, "Password Not Changed."
ElseIf IsNull(Me.NewPass.Value) Then
MsgBox "You must enter a password before saving changes.", vbExclamation, "Password Not Changed."
ElseIf Me.CurrentPass.Value <> DLookup("Password", "tblPassword") Then
MsgBox "The current password you have entered is incorrect.", vbExclamation, "Password Not Changed."
ElseIf Me.NewPass.Value <> Me.CurrentPasscheck.Value Then
MsgBox "The passwords you have entered do not match!"
Else
Set ThisDB = CurrentDb()
Set rstPassword = ThisDB.OpenRecordset("tblPassword", dbOpenDynaset)

ThisDB.Execute "DELETE * FROM tblPassword;", dbFailOnError 'Clear table to ensure only one password

With rstPassword
.AddNew
!Password = Me.NewPass.Value
.Update
End With

rstPassword.Close
ThisDB.Close
Set rstPassword = Nothing
Set ThisDB = Nothing
MsgBox "Your Password have been changed"
End If
End Sub


Chaosguy - To die would be an awefully big adventure.