main@magicu-l.groups.io | Password complexity

Home Messages Hashtags Subgroups Wiki

Date Date 1 - 9 of 9

Password complexity

Anton Doank #195853 hi guys, i want to make batch task to check complexity of the password. i want this batch task can check that the password must have min 8 char of length and min 1 uppercase, 1 number and 1 symbol. how to achieve this goal?
More All Messages By This Member
Todd Baremore #195854 Anton, My syntax is probably off, but you'll get the idea..... Virtual A Password Alpha 20 Virtual B PswdChar Alpha 1 Virtual C HasLowerCase Logical Virtual D HasUpperCase Logical Virtual E HasNumber Logical Virtual F HasSymbol Logical Block While Loopcounter() <= len(trim(A)) Update B = Mid(trim(A),LoopCounter(),1) Update C = 'True'L Cnd: Instr('abcdefghijklmnopqrstuvwxyz',B) Update D = 'True'L Cnd: Instr('ABCDEFGHIJKLMNOPQRSTUVWXYZ',B) Update E = 'True'L Cnd: Instr('0123456789',B) Update F = 'True'L Cnd: Instr('~!@#$%^&*()_-+=<>{}/[]\',B) End Block Verify Warning 'Good Password' Cnd: C and D and E and F and len(trim(A))>7 Verify Warning 'Bad Password' Cnd: Not(C and D and E and F and len(trim(A))>7) Todd toggle quoted messageShow quoted text On 5/9/2022 8:05 AM, Anton Doank wrote: hi guys, i want to make batch task to check complexity of the password. i want this batch task can check that the password must have min 8 char of length and min 1 uppercase, 1 number and 1 symbol. how to achieve this goal?
More All Messages By This Member
Anton Doank #195855 hi todd..thank you your logic is very clear..thank you very much
More All Messages By This Member
Keith Canniff #195856 Anton, If this is for a company, maybe you should think about using their LDAP or Active Directory for your users and passwords. IT hates having to manage two sets of users and passwords. When you tell them that your application can use LDAP or Active Directory for user/password management they will be very happy with you. Now you don’t have to worry about password complexity. The company has determined this. Then again, if this is for a standalone application, Todd’s method will work fine. Keith toggle quoted messageShow quoted text From: main@magicu-l.groups.io <main@magicu-l.groups.io> On Behalf Of Anton Doank Sent: Monday, May 9, 2022 8:06 AM To: main@magicu-l.groups.io Subject: [magicu-l] Password complexity hi guys, i want to make batch task to check complexity of the password. i want this batch task can check that the password must have min 8 char of length and min 1 uppercase, 1 number and 1 symbol. how to achieve this goal?
More All Messages By This Member
Anton Doank #195857 hi keith, yes this is for my company inhouse program. this program already run about 15 year so far. i create simple customize login form that not connected to active directory. before password parameter is only 8 char of length. now i want to enhance the password parameter like todd logic. my user can have multiple username for program but they only have 1 username in active directory. thats why i cannot using that way. or maybe there is something that i missed to use that feature? and i also dont want to make major changes for the credential. single password is good for user so they no need to remember multiple password for each application
More All Messages By This Member
Keith Canniff #195858 Anton, The user actually doesn’t have to log into the program at all. When the program starts and it’s set to use AD, Magic itself goes out and authenticates against AD. So they don’t have to remember another password at all. So it works like this. Active Directory (IT) IT sets up security groups in AD (that match the names of the groups you have in your Magic program) IT assigns users to those groups (the same as you would have in Magic) Your Magic Application You remove the users (or you can leave them there and not use them In the Magic.ini you switch the login mode. That’s basically it. Magic looks up the user in AD and downloads all the groups associated with them. Magic then uses those groups to get all the rights in your application and your application works the same as it did before. No programming changes necessary! Pros User doesn’t have to learn another (now complex) password When users are added or deleted from the network, your application doesn’t have to be updated If the company wants to change the password strength, or force a change to the password at timed intervals (like every 30 or 90 days) you don’t have to do anything in your application Cons Since the user doesn’t log into the application, they have to be that network user in the application This can be overridden. For example I have an admin account that uses a separate shortcut that uses an override file to tell Magic to use the traditional login and then I have to login with a userid/password. Since I only use this account rarely, it’s not a big deal You cannot use individual rights on users. All rights must be assigned to groups If you have rights that temporary (switch between users, vacation, etc.) then you can setup individual groups for these rights and then IT can assign those groups to users and have them expire at some point. Hopefully that provides more information for you to make a decision by. Keith toggle quoted messageShow quoted text From: main@magicu-l.groups.io <main@magicu-l.groups.io> On Behalf Of Anton Doank Sent: Monday, May 9, 2022 10:11 AM To: main@magicu-l.groups.io Subject: Re: [magicu-l] Password complexity hi keith, yes this is for my company inhouse program. this program already run about 15 year so far. i create simple customize login form that not connected to active directory. before password parameter is only 8 char of length. now i want to enhance the password parameter like todd logic. my user can have multiple username for program but they only have 1 username in active directory. thats why i cannot using that way. or maybe there is something that i missed to use that feature? and i also dont want to make major changes for the credential. single password is good for user so they no need to remember multiple password for each application
More All Messages By This Member
Anton Doank #195860 hi keith, thank you for your complete brief about ldap. one more question. my program use user(0) function to get the username who login to write username in every table of transaction. because all my program use this username can ldap solve this case?from my knowledge user(0) only can retrieve from magic logon function. correct me if iam wrong
More All Messages By This Member
Keith Canniff #195861 Anton, Yes User(0) will return the username from the network. So if your network Username is ADoank, then User(0) will return ADoank. I believe the one thing you have to be careful with is using long user names. For example some networks will setup the user with “Anton.Doank” as the username. I think this caused a problem but the IT people where our software was installed resolved it. Keith toggle quoted messageShow quoted text From: main@magicu-l.groups.io <main@magicu-l.groups.io> On Behalf Of Anton Doank Sent: Monday, May 9, 2022 11:06 AM To: main@magicu-l.groups.io Subject: Re: [magicu-l] Password complexity hi keith, thank you for your complete brief about ldap. one more question. my program use user(0) function to get the username who login to write username in every table of transaction. because all my program use this username can ldap solve this case?from my knowledge user(0) only can retrieve from magic logon function. correct me if iam wrong
More All Messages By This Member
Anton Doank #195864 thanks keith, i will explore the probability to use this feature. need time to RnD, thank you
More All Messages By This Member

1 - 9 of 9

1

Previous Topic Next Topic

Home Hashtags Subgroups Wiki About Features Pricing Updates Terms Help Twitter