Nannette Thacker ShiningStar.net - All Comments

Backcolor hex | Seifen

Backcolor hex | Seifen — Thu, 09 Feb 2012 17:37:52 GMT

Pingback from Backcolor hex | Seifen

re: ChangePassword Method for Entity Framework MVC3 Razor Custom Member Provider C# Using LINQ

Gilber Velez — Tue, 07 Feb 2012 17:32:03 GMT

There was nothing wrong with your post because:

You should always post as if the reader has no knowledge of the topic. If there’s one thing I’ve learned is that you should Dummy proof everything. Assume your readers are all novices.

You were correct in trimming the passwords because there should never be leading or ending spaces in a password. Again that dummy proofing. It’s just clean work to anticipate the end users mistakes or you could reject the user input(which will just annoy the end user).

re: C# MVC3 Razor Entity Framework & LINQ Custom Membership Provider with Custom Role Provider

Gilber Velez — Tue, 07 Feb 2012 04:40:39 GMT

Thank you for all of your assistance, I wish more people could be as detailed as you are.

re: Deploying the ASPNETDB.MDF to a Remote SQL Server Database

Joe — Fri, 03 Feb 2012 18:26:51 GMT

OK, I got to the point of the "execute" now where does SQL Server Management save to so I can retrieve it?

re: ChangePassword Method for Entity Framework MVC3 Razor Custom Member Provider C# Using LINQ

Nick Brower — Fri, 03 Feb 2012 16:13:56 GMT

Thanks so much for your custom membership provider. I looked everywhere for one using LINQ and MVC and yours is the only one I found. Thanks for taking the time to put it together dude! It's really appreciated!

re: ChangePassword Method for Entity Framework MVC3 Razor Custom Member Provider C# Using LINQ

nannette — Sun, 29 Jan 2012 18:10:57 GMT

MuteThis,

Thanks for the suggestions. Yes, it is very important to take in consideration the design requirements for your project. I didn't intend this project to be a comprehensive study; just a starting point to help people figure out how to implement the custom membership provider. From there, I would most certainly recommend they implement security measures and the detailed requirements of their system.

To salt a password per user, there should be an additional field in the user table to use as a salt value; that is beyond the scope of this project; but I definitely appreciate you pointing that out to users. Typically you look up the unique email address log in, find the salt value of that record, and then generate the encrypted password, and look it up under that email address.

As far as trimming passwords, I would recommend that be considered in the registration process: do you allow users to have spaces in their passwords? If so, remove trims, if not, definitely use trims. A lot of times users will paste in their password from a document of passwords and they end up with a space on the end, then it never works. I always recommend not allowing spaces at all.

Thanks again for the suggestions!

Nannette

re: Ajax Control Toolkit Installation in Visual Web Developer

Ankit Baria — Tue, 24 Jan 2012 14:09:06 GMT

Thanks a lot

re: Attributes.Add: Adding Javascript Click Events Programmatically in Code-Behind

Rockie — Sat, 21 Jan 2012 09:05:08 GMT

Hi Nannete , thanks for the post , Im new in aspx and i found this very useful.

One thing i need to know is how can i load the image for the the first time with the desired width and height (e.g. 100x100) if any predefine is not allowed ? Since the real image sizes will be loaded into the page exactly as it is from the first call.

Thanks a lot, rockie from Indonesia

re: Illustrator Image Edges and Anti-Aliasing

Journey — Fri, 20 Jan 2012 02:24:58 GMT

Thanks for shiarng. What a pleasure to read!

re: HashPassword Method for Entity Framework MVC3 Razor Custom Member Provider C# Using LINQ

RichardD — Thu, 19 Jan 2012 12:43:20 GMT

And another:

blogs.msdn.com/.../secure-credential-storage.aspx