Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Password expiration

6 views
Skip to first unread message

Jean-Francois Bouthillier

unread,
Jul 15, 2003, 2:03:28 PM7/15/03
to
Hi all,

I am using Access 2002 workgroup file for security. How
can I give users a flag when it has been more than x days
since they last changed their passsword?

Thank you very much,
Jean-Francois

Douglas J. Steele

unread,
Jul 15, 2003, 7:19:59 PM7/15/03
to
AFAIK, there isn't such a capability in Access.

--
Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele


"Jean-Francois Bouthillier" <jf_bout...@hotmail.com> wrote in message
news:094801c34afb$64c33fb0$a001...@phx.gbl...

Graham Mandeno

unread,
Jul 15, 2003, 8:20:06 PM7/15/03
to
Hi Jean-François

As Doug says, this is not built it to Access, but you could have your own
table of users and password change dates, and build your own form for users
to change their password.

The actual code to change a password is quite simple:
DBEngine(0).Users(CurrentUser).NewPassword sOldPwd, sNewPwd

You just need to add error trapping, and a check when the database opens
that it's not time for a change.

--
Good Luck!
Graham Mandeno [Access MVP]
Auckland, New Zealand

Return mail address is invalid in a vain attempt to reduce spam.
Feedback is welcome at: gra...@mvps.org
Please post new questions or followups to newsgroup.

"Jean-Francois Bouthillier" <jf_bout...@hotmail.com> wrote in message
news:094801c34afb$64c33fb0$a001...@phx.gbl...

TC

unread,
Jul 15, 2003, 11:03:51 PM7/15/03
to
"Jean-Francois Bouthillier" <jf_bout...@hotmail.com> wrote in message news:<094801c34afb$64c33fb0$a001...@phx.gbl>...
> Hi all,
>
> I am using Access 2002 workgroup file for security. How
> can I give users a flag when it has been more than x days
> since they last changed their passsword?


You'll need to code it manually. Perhaps something like this (in
pseudo-code):

on system startup:
find user in table;
if not found
add entry with today's date & pw;
else ' found.
see if pw changed;
if yes
update date to today's
else ' pw not changed.
check date difference;
if > limit, issue a warning.
endif
endif

This assumes you have a table containing (for each user):

UserName (primary key)
Password (encrypted)
DateLastChanged

To get a user's encrypted password, do something like this: untested,
cos I don't have Access here to check:

dim db as database, rs as recordset
set db=dbengine.opendatabase(syscmd(acsyscmdgetworkgroupfile))
set rs=db.openrecordset ( _
"select password from msysusers" & _
" where user=""" & currentuser() & """"
debug.print rs![password]
set rs=nothing
set db=nothing

(Note: I'm not sure of the following names. You'll have to check them
out for
yourself:
- "acsyscmdgetworkgroupfile" constant;
- "user" column name.)

As you can see, it's not a job for a beginner. If none of the above
makes any sense to you, you'd be better to say, "This can not readily
be done in Access".

HTH,
TC

TC

unread,
Jul 16, 2003, 2:27:18 AM7/16/03
to
This is simpler than my solution. However, it does not prevent the user from
re-entering his (unchanged) password every 'x' days! To prevent that, you'd
need to store a one-way hash of the new password, in the table, so you could
tell if the password had actually changed, or not.

TC

Graham Mandeno <Graham....@nomail.please> wrote in message
news:uE7sDAzS...@TK2MSFTNGP12.phx.gbl...

0 new messages