Password protecting a data file... how to cope with forgotten password?

dunbarx at aol.com dunbarx at aol.com
Tue Jun 12 12:38:08 EDT 2012


That old trick, setting a hint might work. Usually when one gets the hint, so to speak, the password is resurrected.


Craig Newman



-----Original Message-----
From: Bob Sneidar <bobs at twft.com>
To: How to use LiveCode <use-livecode at lists.runrev.com>
Sent: Tue, Jun 12, 2012 12:26 pm
Subject: Re: Password protecting a data file... how to cope with forgotten password?


For an application I think the only way to maintain security in this situation 
is to tell people to NOT FORGET THEIR PASSWORD or else they will lose access to 
their data. They will need at that point to create a new account and password. 
But a password may not be necessary. 

Is this a single user kind of application? If so, then their security is being 
provided by the OS when they log into their computer as themselves. The app 
(IMHO) should not need to provide security, because access to their computer and 
their account is their responsibility. 

If this is a multi-user app where different people can log in as themselves and 
access their own data, then what I would do for an app like yours is have an 
Administrator account, and upon first login, force the user to create an admin 
password with stern warnings about not forgetting it. I then restrict admins to 
account creation and deletion only. Admins are not allowed to view sensitive 
data. Deletion of an account deletes the data as well. 

I would really like to see a Livecode command that called the OS authentication 
dialog, and returned true if successful, false if not. 

Bob

On Jun 12, 2012, at 8:41 AM, Tereza Snyder wrote:

> The application I’m working on needs to store possibly confidential client 
info on the user’s hard drive. It's asking for an optional password. (The 
password is optional because it’s up to the user whether they want the extra 
protection). If they DO input a password, and subsequently forget it, how can I 
provide a non-internet-based mechanism for retrieving or resetting the password?
> 
> I thought I’d ask them to re-authenticate as the current user at the OS level, 
the way many programs do. How might that be done in LC?
> 
> Perhaps there’s another way?
> 
> t
> 
> 
> 
> -- 
> Tereza Snyder
> Califex Software, Inc.
> <www.califexsoftware.com>
> 
> 
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
use-livecode at lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

 



More information about the Use-livecode mailing list