Prev   Next

Back to the top of the FAQ

Q. Password expiration - how is this done?

I can see there is user expiration. Is there a way to have passwords expire with AuthentiX?

A. I am assuming you are using the internal database, but you can make this work with ODBC too.

User expiration and password expiration are really the same thing. The user will exist even though expired.
Using Basic Authentication, in the access denied page, offer them a link to change their expired password (among the other sign-up offer links).
With Cookie-based authentication the denied url will indicate the reason, and you will be able to use ASP to tell them they have expired, and go to change their expired password.

Then ask them to enter their username, old password, new password. In the script that processes the form, check their details and if all checks out, set the new password as well as the new expiration date (if any).

There is a sample that does this in the ASPocxSamples\changePassword subdirectory.

Back to the top of the FAQ

Prev   Next

Special Keywords: authentication%20management