424,256 Members | 1,253 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,256 IT Pros & Developers. It's quick & easy.

How can I Validate a User entered the Correct Password?

P: 2
I want to verify the password field on my login screen is an exact match to the one in the table (see example).

Xray123 (form entry) = Xray123 (users table) Accepted
xray123 (form entry) = Xray123 (users table) Rejected

I hope this isn't too confusing. I am relatively new with VBA and trying to learn the best that I can. I have created basic login forms but I have always disliked not knowing a way to implement password requirements.

Note: Using Access 2016

Appreciate the assistance!
Oct 10 '18 #1
Share this Question
Share on Google+
4 Replies

Expert Mod 2.5K+
P: 2,878

Welcome to Bytes!

You really have two, very distinct and very different questions here. I will split this one thread into two threads, so folks who have questions more similar to one or the other will be able to find them.

This might also help you focus your efforts on one problem at a time--even though these issues are related.
Oct 10 '18 #2

Expert Mod 2.5K+
P: 2,878
One reliable way to compare values as you have described is to use the StrComp() Function, using the vbCompareMethod parameter of vbBinaryCompare.

You say you are relatively new to VBA, and that's fine. However, we typically don't build the solution for you. We will expect you to have something started that we can troubleshoot with you and help guide you toward a viable solution.

Hope this hepps!
Oct 10 '18 #3

Expert Mod 10K+
P: 12,297
Security 101, don't store passwords, store hashes instead, preferably with a nonce. But if you must store a password, encrypt the value or encrypt the entire database.

The situations where you need to store an actual password instead of a hash is very limited. So probably just do the former.
Oct 10 '18 #4

Expert Mod 15k+
P: 31,186
Where possible don't use passwords at all. IDs and passwords are the first and most obvious approach, but they're generally not a very clever way to handle security when you can use a system that's already there and available to you.

Most PCs nowadays use an account either on the PC itself or, more usually, on a domain of some sort. Retrieve User ID allows you to determine who the already-authenticated user is so you don't need to worry about the authentication yourself.

This is doubly beneficial as creating an easily cracked database of passwords can have serious consequences both for the users and for you as the developer responsible.

Not pretty. Don't touch it unless you absolutely have to - which is extremely rare nowadays.
Oct 16 '18 #5

Post your reply

Sign in to post your reply or Sign up for a free account.