Printer Friendly Version

BellaOnline's ASP Editor

Ensuring Proper Password Format

If you're asking your users to submit a password of 6-12 characters, you want to make sure it is done properly and without any special characters which could compromise your system.

To do this, you would want to use regular expressions. Be sure to read the articles on this site that explain how regular expressions work if you have not used them before.

The code would look like this:

NewPass = request("newpass")
Dim RegEx
Set RegEx = New regexp
RegEx.Pattern = "^[A-Za-z0-9]{6,12}$"
RegEx.Global = True
RegEx.IgnoreCase = True

if RegEx.Test(NewPass) = FALSE then response.redirect("error.asp")

That ensures that the user-submitted password is 6-12 characters long and is made up solely of letters and numbers - no special characters like ; or ' that might jeopardize your database security.

Note that you need the ^ at the beginning and $ at the end. That ensures that the entire pattern matches - from the very beginning to the very end of the string.

Be sure to use input checks not only on your passwords, but on anything the user submits that then gets sent along to a database query!

ASP Site @ BellaOnline
View This Article in Regular Layout

Content copyright © 2013 by Lisa Shea. All rights reserved.
This content was written by Lisa Shea. If you wish to use this content in any manner, you need written permission. Contact Lisa Shea for details.

| About BellaOnline | Privacy Policy | Advertising | Become an Editor |
Website copyright © 2016 Minerva WebWorks LLC. All rights reserved.

BellaOnline Editor