Post reply

TSQL to check password: Case sensitive and character check: Is this way ?

  • July 7, 2009 at 10:32 pm

    #136079

    DECLARE @user-id INT

    DECLARE @PassWord VARCHAR(50)

    DECLARE @Ok INT

    SET @user-id = 101

    SET @PassWord = 'dgHH%Ggt4['

    SET @Ok = 0

    SET @Ok = (SELECT COUNT(*) WHERE 101 = @user-id

    AND 'dgHH%Ggt4[' = LTRIM(RTRIM(@PassWord)) COLLATE SQL_Latin1_General_Cp1_CS_AS)

    PRINT @Ok

    if PRINT = 1 it seams to sugest a correct test of a password that

    1) Character correct

    2) Case sensitive correct.

    Is the best and most TSQL accurate way to check a password for the above strict conditions.

    Any other methods ???

  • July 8, 2009 at 12:36 am

    #1021499

    No need to invoke SELECTs.

    IF @user-id = 101 AND @Password = 'dgHH%Ggt4[' COLLATE SQL_Latin1_General_Cp1_CS_AS

    PRINT 'Ok!'

    ELSE

    PRINT 'False'

    But I doubt this is your real scenario. You do have a table where the UserID and Password is stored, right?

    N 56°04'39.16"
    E 12°55'05.25"

  • July 8, 2009 at 6:35 am

    #1021608

    In that case, there is no need to specify the collation,

    COLLATE SQL_Latin1_General_Cp1_CS_AS

    correct me, If am wrong in my views.

    Thanks,

    Venkatesan Prabu .J

    Thanks and Regards,
    Venkatesan Prabu, 😛
    My Blog:

    http://venkattechnicalblog.blogspot.com/

  • July 8, 2009 at 1:46 pm

    #1021885

    You do have a table where the UserID and Password is stored, right?

    Yes thats is correct, all is an table. So the consensus is that my SQL is correct and the best way to achieve a password check ??

  • July 8, 2009 at 1:46 pm

    #1021888

    You do have a table where the UserID and Password is stored, right?

    Yes thats is correct, all is an table. So the consensus is that my SQL is correct and the best way to achieve a password check ??

  • July 8, 2009 at 1:47 pm

    #1021889

    You do have a table where the UserID and Password is stored, right?

    Yes thats is correct, all is an table. So the consensus is that my SQL is correct and the best way to achieve a password check ??

  • July 8, 2009 at 1:47 pm

    #1021890

    You do have a table where the UserID and Password is stored, right?

    Yes thats is correct, all is an table. So the consensus is that my SQL is correct and the best way to achieve a password check ??

  • July 8, 2009 at 2:34 pm

    #1021925

    If you ever have to "store passwords" make sure you salt and hash them.

  • July 8, 2009 at 5:12 pm

    #1022048

    this code looks goog to me:

    http://www.aspheute.com/english/20040105.asp

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply