Introducing flag to force user to change password.
Posted on 2006-06-02
I will like to introduce a flag to my current login form such that when users password are reset or a new user is created to set the flag. On logon, if this flag is set, then force user to change password; AND after password has changed, this flag is reset
In my current design, when user is created, the default password "wizard" is automatically updated to tblSecurity.Password; tblPasswords_old.Password, DBText of module and date created also updated to both the module and tblPasswords_old.Changedate fields.
When user attempts to logon with the default password, user is forced to change password.
Here is the new amended I would like to introduce.
1. After user has been created and the default password updated as described above, set a flag to tblSecurity assuming that a new checkbox named PWChange field has been added for setting the flag.
2. In my current design, when a user first attempts to log on, the default password is first checked for validity by checking the stored password in tblSecurity.Password; tblPasswords_old.Password, DBText of module and tblPasswords_old.Changedate fields.
If there is a perfect match it will proceed to step 3 below if no match in any of the tables above then proceed to step 4.
3. a. If there is a password match, the flag feature will be triggered such that user is forced to change password. And
after password has been changed, then the flag must be reset
b. If the flag is not set, then msgbox; 'Please contact your database administrator.
4. If the password in all the tables above in step 2 does not match, AND EVEN IF THE FLAG IS SET OR NOT, then
....msgbox; DB has been modified, Contact your database administrator and then shut down DB.
If user's password is reset for any reason in al the fields described above, then proceed to check the validity of the reset password as described above then use the flag again here to force user to change password and once password is changed then this flag is reset.
PLEASE NOTE THAT THE PROCEDURE DESCRIBED IN STEPS 3 AND 4 ARE ALREADY WORKING IN MY CURRENT DESIGN - THE ONLY THING I NEEDED IS TO ADD THE FLAG FEATURE TO MY CURRENT DESIGN.
Here is the code for login in new user with the default password - This code needs to be amended to work with the flag featuire as described in steps 2, 3 and 4 above.
Dim stDocName As String, stLinkCriteria As String
On Error Resume Next
'If user types in Wizard, then assume first time user enters (check value in lowercase)
If LCase$(txtPassword.Value) = "wizard" Then
If pwDateValidation Then '<<<---- This is for 60 days password expiration
MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
"You must change your password before you can enter the database.", _
vbOKOnly + vbExclamation, "Change Password"
MsgBox "Here I call frmUpdatePassword"
DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
'WHAT DO YOU WANT TO HAPPEN WHEN USER ENTERS wizard AND IT FAILS pwDateValidation ???