Password Requirements

If you have questions or if you want to share your opinion about Aware IM post your message on this forum
Post Reply
hpl123
Posts: 2605
Joined: Fri Feb 01, 2013 1:13 pm
Location: Scandinavia

Re: Password Requirements

Post by hpl123 »

The solution Rod detailed should work (the "encryption" is subpar so not a very secure solution though) for this but here are tips about other potential solutions you can use::
http://www.awareim.com/forum/viewtopic. ... ain#p35893

http://www.awareim.com/forum/viewtopic. ... Bob#p29238
Henrik (V8 Developer Ed. - Windows)
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Re: Password Requirements

Post by tford »

Mark - I think you kinda just answered your own question :)

Why not do this:

1. On signup you set username and create a password for the user (use the Aware function to create password, make it a random long key)

2. Then using rules you build a login link, why not actually use the username and password in the link, then encrypt the link using the Aware function)

3. Email it to user

4. When they click it they are actually logging in with their user name and password (but can't see it because it's encrypted). Have a process (first command) to check first login and prompt them to enter new password.
Rod's answer will definitely work. I do something similar for an application although the purpose of my email is different.
Tom - V8.8 build 3137 - MySql / PostGres
Top
karelh
Posts: 86
Joined: Wed Oct 26, 2016 10:20 pm

Re: Password Requirements

Post by karelh »

RLJB wrote:Mark - I think you kinda just answered your own question :)

Why not do this:

1. On signup you set username and create a password for the user (use the Aware function to create password, make it a random long key)

2. Then using rules you build a login link, why not actually use the username and password in the link, then encrypt the link using the Aware function)

3. Email it to user

4. When they click it they are actually logging in with their user name and password (but can't see it because it's encrypted). Have a process (first command) to check first login and prompt them to enter new password.
Thank you very much for this information. I have it at the point where the user gets the link and he can login. I also execute a process on first logon that tells the user to change their password and it then displays the user settings BO form.

The only issue is that there is obviously a password already in the password field and the user can just hit save without changing it. I have tried setting the password to undefined but that does not seem to work. How can I clear the password attribute on the form to force them to enter a new password?

Thanks!
Top
4xjbh
Posts: 177
Joined: Thu Dec 22, 2005 10:01 pm
Location: Brisbane

Re: Password Requirements

Post by 4xjbh »

I would just have a yes/no that is checked if a password change is required and have it checked against the old value. I think there is a function old_value
Regards, James

AwareIM 7.1 on AWS - Beware I'm a AwareIM noob. Anything I help you with might make the hole your in deeper.
Top
karelh
Posts: 86
Joined: Wed Oct 26, 2016 10:20 pm

Re: Password Requirements

Post by karelh »

4xjbh wrote:I would just have a yes/no that is checked if a password change is required and have it checked against the old value. I think there is a function old_value
Thank you so much. That worked like a charm.
Top
Post Reply

Return to “General discussion and questions about Aware IM”