Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Password TextBox control in .NET

Posted on 2015-02-23
2
Medium Priority
?
109 Views
Last Modified: 2015-03-15
What is the proper way to create a password textbox control that is masked with bullet points.

Currently, I created a textbox control, and set itsHtmlTextWriterAttribute.Type property to "password".
writer.AddAttribute(HtmlTextWriterAttribute.Type, "password", true);
writer.AddAttribute(HtmlTextWriterAttribute.Value, text, true);

Everything looks great, except that when you right click on the page and "view source" it actually shows the password in plain text.

REQUIREMENT:
For example, the current password in the textbox is "Apple" and is masked.

If the user goes in and deletes the last letter and replaces it with "a", the new password needs to be "Appla". So in other words, the characters need to be real.

How do I achieve this without the password showing up in "view source"?
0
Comment
Question by:pzozulka
2 Comments
 
LVL 9

Accepted Solution

by:
Valliappan AN earned 1000 total points
ID: 40626689
I think the prefilled password, shows in view source, no matter, do you really need to prefill the password, I believe you do an edit data here. The purpose View Source is to avoid someone else peeking in to view the password.

An alternative would be to get Old and New Passwords, and update it, if they want to update password. It appears not an easy way to hide the prepopulated HTML code, in View Source.

HTH.
0
 
LVL 17

Assisted Solution

by:OriNetworks
OriNetworks earned 1000 total points
ID: 40627202
It is generally a bad security practice to be able to send the password back to a user and should normally only be stored in a hashed or encrypted form. In this case you are sending the password to the client so they can see it. If someone wants to see it, they will find a way to see it, there is no way around this with this method.

If you need to store this value for some kind of authentication later, you may have the option of storing in some kind of session information or a temporary database location but please do not store a plaintext or easily reversible password.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
Many of us here at EE write code. Many of us write exceptional code; just as many of us write exception-prone code. As we all should know, exceptions are a mechanism for handling errors which are typically out of our control. From database errors, t…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question