Reputation: 6700
make a default password for password textboxes that can't be reproduced by the client
Is it possible to set a password textbox text to text that the user could not reproduce on their end?
Like are there special characters that can only be set from the server?
For instance, one way to do this would be to use javascript to prevent typing of *'s, and to set the textbox text to be all *'s. But that's hacky.
The motivation is to be able to tell on the server if the user changed the password at all, but not to restrict them from having a password of all *'s, for instance.
Upvotes: 0
Views: 243
Answers (4)
Reputation: 416
You probably want to use the TAB character (that is "\t"). But I'm sure there's a better way to do whatever it is that you're trying to do.
edit
I think I understand what you are asking for now.
This ought to do what you want. It is javascript but it's real simple.
<input type="password" name="userpass" value=" " onfocus="if(this.pwclick == undefined){ this.default = this.value; this.value=''; this.pwclick = 1;}" onblur="if(this.value == ''){this.value = this.default;this.pwclick = undefined;}" />
Then on the backend just do the following and it will cause the javascript to be compatible even if the user has javascript turned off.
if(userpass.Trim().Length > 0{
# actions to change the user's password
}
Upvotes: 1
Reputation: 71565
I agree that is it impossible to specify a character that a user could not enter by themselves; however, it can be extremely difficult for the average user to enter certain characters.
In more detail; using a standard US 104-key keyboard in Windows, it is possible to enter Unicode character codes by holding Alt and typing the character code using the numpad keys. So, someone could enter a character that does not appear on the keyboard and cannot be typed with a combination of modifier and letter keys. 99% of computer users on the planet do not know this is possible, and even the remaining 1% would probably have to look up the code for a particular non-standard character.
Now, other languages which use the Latin characters, but with accent marks and other modifications, have easier-to-access modifier key combinations, allowing a user to type accented letters much like English speakers would use capital letters. Obviously, users in regions using different character sets have keyboards that can type very esoteric-seeming symbols with a single keypress. A user in one of those cultures would have much easier access to characters that are difficult for US 104-key users.
So, it is impossible to specify a character in the Unicode codepage from code, that could not be reproduced by a user on their keyboard. However, they'd have to know exactly which character was being used, and its Unicode code, in order to reproduce it.
Upvotes: 2
Reputation: 5024
No, I don't think that is possible.
Edit
Why don't you use something as the default password which does not follow your rules for password length, allowed characters etc.? (Even if you allow all characters, allowing one-character passwords is not really an option, is it?)
Upvotes: 2
Reputation: 993
Just add another hidden field that is intialized with the same text as you intialize the password text box. Then if they are still the same when they submit it, give them an error.
Upvotes: 0
Related Questions
- Textbox using password mode
- how to password protect a textbox, to secure input in winform c#
- How to set default value to login password text box in asp.net?
- Need help in asp.net password textbox
- ASP.NET password textbox value set to "Password" automatically
- Adding default value to ASP TextBox with TextMode = Password
- ASPX Password textbox
- default value for asp.net textbox -> TextMode = password
- Set password textbox value in a secure way
- Initialize TextBox with the Password TextMode