Password protecting a data file... how to cope with forgotten password?
dunbarx at aol.com
dunbarx at aol.com
Tue Jun 12 11:38:08 CDT 2012
That old trick, setting a hint might work. Usually when one gets the hint, so to speak, the password is resurrected.
From: Bob Sneidar <bobs at twft.com>
To: How to use LiveCode <use-livecode at lists.runrev.com>
Sent: Tue, Jun 12, 2012 12:26 pm
Subject: Re: Password protecting a data file... how to cope with forgotten password?
For an application I think the only way to maintain security in this situation
is to tell people to NOT FORGET THEIR PASSWORD or else they will lose access to
their data. They will need at that point to create a new account and password.
But a password may not be necessary.
Is this a single user kind of application? If so, then their security is being
provided by the OS when they log into their computer as themselves. The app
(IMHO) should not need to provide security, because access to their computer and
their account is their responsibility.
If this is a multi-user app where different people can log in as themselves and
access their own data, then what I would do for an app like yours is have an
Administrator account, and upon first login, force the user to create an admin
password with stern warnings about not forgetting it. I then restrict admins to
account creation and deletion only. Admins are not allowed to view sensitive
data. Deletion of an account deletes the data as well.
I would really like to see a Livecode command that called the OS authentication
dialog, and returned true if successful, false if not.
On Jun 12, 2012, at 8:41 AM, Tereza Snyder wrote:
> The application I’m working on needs to store possibly confidential client
info on the user’s hard drive. It's asking for an optional password. (The
password is optional because it’s up to the user whether they want the extra
protection). If they DO input a password, and subsequently forget it, how can I
provide a non-internet-based mechanism for retrieving or resetting the password?
> I thought I’d ask them to re-authenticate as the current user at the OS level,
the way many programs do. How might that be done in LC?
> Perhaps there’s another way?
> Tereza Snyder
> Califex Software, Inc.
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription
use-livecode mailing list
use-livecode at lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
More information about the use-livecode