I work on this web database with SQL Server back-end and classic asp/VB/Java script front-end. It's all on a dedicated Windows server I control almost a 100%. So far I used a login procedure where - at login - the page call a table in the database with user credentials and return a "Go" or "No" to proceed to other pages for logged in users only. A cookie is created at "Go" and will expire after an hour of inactivity. When expired, the user is returned to the login page.
Now... I have to implement a procedure:
Every 3 month a users password must be changed and live up to certain criteria like upper/lower case, number, special character etc.
Option 1: I can try to program something in VB?? (I need help or some good suggestions)
Option 2: I can skip the present concept and create all users on the server. To access the server a SMS pass code is required on top of the login credentials. But how can I implement the Windows Server authentication to the asp/VB coding?
I would be very happy for some support here. It's a little new territory for me.
And I'm sure it could work better with VB.NET, but that gotta wait some months. First I must make it work in classic asp/VB.
I look forward to some wise words. :-)