469,268 Members | 921 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,268 developers. It's quick & easy.

Convert all characters to ' * ' where password is displayed...

Hi,

I have a field from my recordset called RS("Password").
If I wish to display each character as an asterix '*' how do I go
about it.
I've seen the replace function, but cannot work out how to do it for
how ever many characters there are in the record ?
Appreciate your help

David.
Jul 19 '05 #1
20 3350
For i to Len(RS("Password"))
strPass = strPass & "*"
Next

then use strPass iin your display

"David" <da***@scene-double.co.uk> wrote in message
news:c1**************************@posting.google.c om...
Hi,

I have a field from my recordset called RS("Password").
If I wish to display each character as an asterix '*' how do I go
about it.
I've seen the replace function, but cannot work out how to do it for
how ever many characters there are in the record ?
Appreciate your help

David.

Jul 19 '05 #2
Thanks,

I had just started to think about using For I = , but could not think
about the strPass = strPass & "*"
Nice one....Thanks

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #3
Alex Goodey wrote on 02 feb 2004 in
microsoft.public.inetserver.asp.general:
For i to Len(RS("Password"))
strPass = strPass & "*"
Next


strPass = String(Len(RS("Password")),"*")

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Jul 19 '05 #4
strPass = String(Len(strPass), "*")

What is the reason you (OP) want to do this though? Why not just use a
length of *'s that isn't specific to the length of the user's password, if
you aren't going to display it? And you're aware of <input type=password>,
right?

Ray at work
"Alex Goodey" <ag*****@hsfinancial.co.uk> wrote in message
news:bv************@ID-221525.news.uni-berlin.de...
For i to Len(RS("Password"))
strPass = strPass & "*"
Next

then use strPass iin your display

"David" <da***@scene-double.co.uk> wrote in message
news:c1**************************@posting.google.c om...
Hi,

I have a field from my recordset called RS("Password").
If I wish to display each character as an asterix '*' how do I go
about it.
I've seen the replace function, but cannot work out how to do it for
how ever many characters there are in the record ?
Appreciate your help

David.


Jul 19 '05 #5
"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
message news:ud**************@TK2MSFTNGP12.phx.gbl...
strPass = String(Len(strPass), "*")

What is the reason you (OP) want to do this though? Why not just use a
length of *'s that isn't specific to the length of the user's password, if
you aren't going to display it? And you're aware of <input type=password>, right?


Ray, I hope you're joking about <input type=password>. That is, I hope you
don't mean something like this:

<%
Response.Write "<input type=""password"" value=""" & RS("Password") & """>"
%>

As I'm sure you know, viewing the source of the document would reveal the
actual value of the password.

Regards,
Peter Foti

Jul 19 '05 #6

"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...

Ray, I hope you're joking about <input type=password>. That is, I hope you don't mean something like this:

<%
Response.Write "<input type=""password"" value=""" & RS("Password") & """>" %>

As I'm sure you know, viewing the source of the document would reveal the
actual value of the password.

Yes, I know, but I still had to ask if the OP is aware of the password
input.

Ray at work
Jul 19 '05 #7
yes, but the person using the password should know it, otherwise why even
put it on the screen?
The reason behind the <input type=password> is so that a passer-by can't
read it over your shoulder.

--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...
"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
message news:ud**************@TK2MSFTNGP12.phx.gbl...
strPass = String(Len(strPass), "*")

What is the reason you (OP) want to do this though? Why not just use a
length of *'s that isn't specific to the length of the user's password, if you aren't going to display it? And you're aware of <input type=password>,
right?


Ray, I hope you're joking about <input type=password>. That is, I hope

you don't mean something like this:

<%
Response.Write "<input type=""password"" value=""" & RS("Password") & """>" %>

As I'm sure you know, viewing the source of the document would reveal the
actual value of the password.

Regards,
Peter Foti

Jul 19 '05 #8
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
yes, but the person using the password should know it, otherwise why even
put it on the screen?
The reason behind the <input type=password> is so that a passer-by can't
read it over your shoulder.


Ah, true I suppose. I guess it depends on the context of who the user is
and what they're doing. For example, if this is an admin system listing all
of the users, then it shouldn't be putting the real password value in. But
if this is an individual user, then I suppose the main risk is that the page
could be stored in cache somewhere.

-Peter

Jul 19 '05 #9
If it's an admin he shouldn't even be retrieving the password to the screen,
at all.
Guess that's my point, I couldn't think of a single use to read the
password, and display it as *** if the user wasn't supposed to know it.
Seems like the OP was trying to do something "weird" and most likely
incorrect.

--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
yes, but the person using the password should know it, otherwise why even put it on the screen?
The reason behind the <input type=password> is so that a passer-by can't
read it over your shoulder.
Ah, true I suppose. I guess it depends on the context of who the user is
and what they're doing. For example, if this is an admin system listing

all of the users, then it shouldn't be putting the real password value in. But if this is an individual user, then I suppose the main risk is that the page could be stored in cache somewhere.

-Peter

Jul 19 '05 #10
Yes, exactly! Unfortunately, the OP has disappeared and we'll probably
never know...

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
Seems like the OP was trying to do something "weird" and most likely
incorrect.

Jul 19 '05 #11
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
If it's an admin he shouldn't even be retrieving the password to the screen, at all.
Well, perhaps for resetting a password (that is, admin never actually sees
the value currently stored, but can reset the password for an end user that
has forgotten it).
Guess that's my point, I couldn't think of a single use to read the
password, and display it as *** if the user wasn't supposed to know it.
Seems like the OP was trying to do something "weird" and most likely
incorrect.


I agree with you there. :)
Regards,
Peter
Jul 19 '05 #12
On Mon, 2 Feb 2004 16:57:56 -0500, "Peter Foti"
<pe***@Idontwantnostinkingemailfromyou.com> wrote:
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
If it's an admin he shouldn't even be retrieving the password to the

screen,
at all.


Well, perhaps for resetting a password (that is, admin never actually sees
the value currently stored, but can reset the password for an end user that
has forgotten it).


Even then, the display doesn't need to show a password or asterisks or
anything. An input to enter the new password and a change password
button is plenty. Of course that input would be Type = Password...
:)

Jeff
Guess that's my point, I couldn't think of a single use to read the
password, and display it as *** if the user wasn't supposed to know it.
Seems like the OP was trying to do something "weird" and most likely
incorrect.


I agree with you there. :)
Regards,
Peter


Jul 19 '05 #13
> Ah, true I suppose. I guess it depends on the context of who the user is
and what they're doing. For example, if this is an admin system listing all of the users, then it shouldn't be putting the real password value in. But if this is an individual user, then I suppose the main risk is that the page could be stored in cache somewhere.


Presumably, the reason for displaying (that there is) a password at all, yet
not showing it, is so that it can be changed.

Unless there is a change to be made, I don't see any reason to display a
password form field at all. IMHO.

Rather than show ****** I think it would be more effective to only show the
password box when the user or admin requests to change it. *THAT* change
should use input type=password.

Even if the user is logged in, it's always a little extra precaution to
require that they enter their old password once (to confirm that someone
didn't happen upon someone else's workstation).

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
Jul 19 '05 #14
Wow,

I did not expect so many replies !..Cool.
This is a simple system for our customers to log in and track their
orders, upload orders etc...

The reason I wanted to hide the password is just for security. They
should have it on their initial set-up email.
I like to show how many characters are in the password as this sometimes
helps jog the users memory as to what is was.

Thanks for all your advice
David

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #15
Alex,

This works well, but now I have the following problem.
I have the following code, but all the passwords listed as '*', are
displaying the same number of characters even though they should display
different numbers of characters..

My code....

_____________________________________________
else

For i = 1 to Len(RS("Password"))
strPass = strPass & "*"
Next

response.write blah blah blah....

do until RS.EOF

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" & strPass &
"</TD><TD>" & RS("Email") & "</td></tr>"

RS.movenext

loop

_________________________________________
If I take the For loop out of the Do loop then it lists the passwords as
the first one only...I understand this. If it is left in the do loop, it
just adds the characters on for each user, so, it displays longer &
longer passwords...

I want it to display the number of characters in each users password as
follows:

User 1, password: ****
User 2, password: ********
User 3, password: ******

not...where all passwords shown are for user1

User 1, password: ****
User 2, password: ****
User 3, password: ****

or, where it just appends on to the end each loop

User 1, password: ****
User 2, password: ********
User 3, password: ************

What is the solution.....thanks.

David
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #16
as some of the others pointed out, you can use this.

String(Len(RS("Password")),"*")

so you get this

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" &
String(Len(RS("Password")),"*") &
"</TD><TD>" & RS("Email") & "</td></tr>"

if you still want to use the other way the FOR loop must be inside the Do
Until loop.
"David Gordon" <da***@scene-double.co.uk> wrote in message
news:Ol**************@TK2MSFTNGP09.phx.gbl...
Alex,

This works well, but now I have the following problem.
I have the following code, but all the passwords listed as '*', are
displaying the same number of characters even though they should display
different numbers of characters..

My code....

_____________________________________________
else

For i = 1 to Len(RS("Password"))
strPass = strPass & "*"
Next

response.write blah blah blah....

do until RS.EOF

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" & strPass &
"</TD><TD>" & RS("Email") & "</td></tr>"

RS.movenext

loop

_________________________________________
If I take the For loop out of the Do loop then it lists the passwords as
the first one only...I understand this. If it is left in the do loop, it
just adds the characters on for each user, so, it displays longer &
longer passwords...

I want it to display the number of characters in each users password as
follows:

User 1, password: ****
User 2, password: ********
User 3, password: ******

not...where all passwords shown are for user1

User 1, password: ****
User 2, password: ****
User 3, password: ****

or, where it just appends on to the end each loop

User 1, password: ****
User 2, password: ********
User 3, password: ************

What is the solution.....thanks.

David
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Jul 19 '05 #17
David Gordon wrote:
Alex,

This works well, but now I have the following problem.
I have the following code, but all the passwords listed as '*', are
displaying the same number of characters even though they should
display different numbers of characters..

My code....

_____________________________________________
else

For i = 1 to Len(RS("Password"))
strPass = strPass & "*"
Next

response.write blah blah blah....

do until RS.EOF

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" & strPass &
"</TD><TD>" & RS("Email") & "</td></tr>"

RS.movenext

loop

_________________________________________
If I take the For loop out of the Do loop then it lists the passwords
as the first one only...I understand this. If it is left in the do
loop, it just adds the characters on for each user, so, it displays
longer & longer passwords...

I want it to display the number of characters in each users password
as follows:

User 1, password: ****
User 2, password: ********
User 3, password: ******

not...where all passwords shown are for user1

User 1, password: ****
User 2, password: ****
User 3, password: ****

or, where it just appends on to the end each loop

User 1, password: ****
User 2, password: ********
User 3, password: ************

What is the solution.....thanks.

Set the value of strPass IN the loop, not outside it. strPass's value never
changes in your code ...

Bob Barrows

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Jul 19 '05 #18
sorry missed the last bit of your post, if you use the original way, just
clear strPass before the for loop

strPass = ""
For i = 1 to Len(RS("Password"))
strPass = strPass & "*"
Next

"Alex Goodey" <ag*****@hsfinancial.co.uk> wrote in message
news:bv************@ID-221525.news.uni-berlin.de...
as some of the others pointed out, you can use this.

String(Len(RS("Password")),"*")

so you get this

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" &
String(Len(RS("Password")),"*") &
"</TD><TD>" & RS("Email") & "</td></tr>"

if you still want to use the other way the FOR loop must be inside the Do
Until loop.
"David Gordon" <da***@scene-double.co.uk> wrote in message
news:Ol**************@TK2MSFTNGP09.phx.gbl...
Alex,

This works well, but now I have the following problem.
I have the following code, but all the passwords listed as '*', are
displaying the same number of characters even though they should display
different numbers of characters..

My code....

_____________________________________________
else

For i = 1 to Len(RS("Password"))
strPass = strPass & "*"
Next

response.write blah blah blah....

do until RS.EOF

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" & strPass &
"</TD><TD>" & RS("Email") & "</td></tr>"

RS.movenext

loop

_________________________________________
If I take the For loop out of the Do loop then it lists the passwords as
the first one only...I understand this. If it is left in the do loop, it
just adds the characters on for each user, so, it displays longer &
longer passwords...

I want it to display the number of characters in each users password as
follows:

User 1, password: ****
User 2, password: ********
User 3, password: ******

not...where all passwords shown are for user1

User 1, password: ****
User 2, password: ****
User 3, password: ****

or, where it just appends on to the end each loop

User 1, password: ****
User 2, password: ********
User 3, password: ************

What is the solution.....thanks.

David
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!


Jul 19 '05 #19
Reset strPass to be vbNullString or "" at the start of each loop:

'Loop through the records.
Do Until RS.EOF

'No need to reset the password starts value if we are doing assignment only.
'Determine the correct length and fill with stars.
strPass = String(Len(RS.Fields("Password").Value), "*")

'Write the string to the browser
Response.Write "<tr><td>" & RS.Fields("UserID").Value & "</TD><TD>" &
strPass &
"</TD><TD>" & RS.Fields("Email").Value & "</td></tr>"

RS.MoveNext

Loop

NB: You should also be storing the password 'encrypted' in the DB - depends
on how paranoid you are!

Chris.

"David Gordon" <da***@scene-double.co.uk> wrote in message
news:Ol**************@TK2MSFTNGP09.phx.gbl...
Alex,

This works well, but now I have the following problem.
I have the following code, but all the passwords listed as '*', are
displaying the same number of characters even though they should display
different numbers of characters..

My code....

_____________________________________________
else

For i = 1 to Len(RS("Password"))
strPass = strPass & "*"
Next

response.write blah blah blah....

do until RS.EOF

response.write "<tr><td>" & RS("UserID") & "</TD><TD>" & strPass &
"</TD><TD>" & RS("Email") & "</td></tr>"

RS.movenext

loop

_________________________________________
If I take the For loop out of the Do loop then it lists the passwords as
the first one only...I understand this. If it is left in the do loop, it
just adds the characters on for each user, so, it displays longer &
longer passwords...

I want it to display the number of characters in each users password as
follows:

User 1, password: ****
User 2, password: ********
User 3, password: ******

not...where all passwords shown are for user1

User 1, password: ****
User 2, password: ****
User 3, password: ****

or, where it just appends on to the end each loop

User 1, password: ****
User 2, password: ********
User 3, password: ************

What is the solution.....thanks.

David
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #20
Yes, I would agree that Weird is the right word to describe the OP and
the praise for the first answer is even more Awesome! But, for the Admin
the display of passwords is sometimes on in smaller websites where the
number of users are less and are likely to ask for passwords to be sent
to a new email Id (Of course if this is provided for in the FAQ).

with regards,
J.V.Ravichandran
- http://www.geocities.com/
jvravichandran
- http://www.411asp.net/func/search?
qry=Ravichandran+J.V.&cob=aspnetpro
- http://www.southasianoutlook.com
- http://www.MSDNAA.Net
- http://www.csharphelp.com
- http://www.poetry.com/Publications/
display.asp?ID=P3966388&BN=999&PN=2
- Or, just search on "J.V.Ravichandran"
at http://www.Google.com

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #21

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by BADEV | last post: by
1 post views Thread by Tim | last post: by
5 posts views Thread by Socrates | last post: by
20 posts views Thread by Niyazi | last post: by
reply views Thread by =?Utf-8?B?am1obWFpbmU=?= | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.