Solved

Password TextBox control in .NET

Posted on 2015-02-23
2
106 Views
Last Modified: 2015-03-15
What is the proper way to create a password textbox control that is masked with bullet points.

Currently, I created a textbox control, and set itsHtmlTextWriterAttribute.Type property to "password".
writer.AddAttribute(HtmlTextWriterAttribute.Type, "password", true);
writer.AddAttribute(HtmlTextWriterAttribute.Value, text, true);

Everything looks great, except that when you right click on the page and "view source" it actually shows the password in plain text.

REQUIREMENT:
For example, the current password in the textbox is "Apple" and is masked.

If the user goes in and deletes the last letter and replaces it with "a", the new password needs to be "Appla". So in other words, the characters need to be real.

How do I achieve this without the password showing up in "view source"?
0
Comment
Question by:pzozulka
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 9

Accepted Solution

by:
Valliappan AN earned 250 total points
ID: 40626689
I think the prefilled password, shows in view source, no matter, do you really need to prefill the password, I believe you do an edit data here. The purpose View Source is to avoid someone else peeking in to view the password.

An alternative would be to get Old and New Passwords, and update it, if they want to update password. It appears not an easy way to hide the prepopulated HTML code, in View Source.

HTH.
0
 
LVL 17

Assisted Solution

by:OriNetworks
OriNetworks earned 250 total points
ID: 40627202
It is generally a bad security practice to be able to send the password back to a user and should normally only be stored in a hashed or encrypted form. In this case you are sending the password to the client so they can see it. If someone wants to see it, they will find a way to see it, there is no way around this with this method.

If you need to store this value for some kind of authentication later, you may have the option of storing in some kind of session information or a temporary database location but please do not store a plaintext or easily reversible password.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question