ansaurus

Question

ASP.NET Login control without a Username

Answer 1

+1 A:

Updated Answer:

Your best bet is to transform the login control into a label, and then display that over the empty textbox for their password.

Ye Olde Answer:

Why do you want to do that; what happens if two users have the same password?

George Stocker 2009-06-15 13:12:58

That's not an issue. In this case I am identifing the user on a previous page.

Dead account 2009-06-15 13:22:38

-1. I dont think you get what im trying to do. Covering over a textbox control won't work in IE6.

Dead account 2009-06-15 13:45:02

No, but it does work in ASP.NET on the server side.

George Stocker 2009-06-15 13:51:28

Would you use online banking if they used floating div's to cover textboxes that had a GUID in them?

Dead account 2009-06-15 14:09:35

Quite simply, (though I hate saying never), it's VERY RARELY a good idea to separate the login from the password. If you must have them re-enter their password, then show their login above it as a label or as bolded Text, so they're at least sure of who they're logged in as (especially if multiple family members use that bank).

George Stocker 2009-06-15 14:12:58

They're not re-entering their password. This is their first time to login after registering. Go to www.aib.ie and try to login. Step1: "who are you" Step2: "password"

Dead account 2009-06-15 14:17:46

That's painful. Since those are part and parcel to one another, why aren't they on the same page? Why make it more difficult?

George Stocker 2009-06-15 14:20:27

Does the bank that you use have online access. Is it a two stage process? If it doesn't, who are they?

Dead account 2009-06-15 14:25:47

My bank follows the same convention other banks use. For LOGGING ON, it's on one page. For REGISTERING, it's either on one page or as part of a 'wizard'. Those are two separate and distinct processes.

George Stocker 2009-06-15 14:32:46

So which bank uses just 1 page to login?

Dead account 2009-06-15 14:33:42

George Stocker 2009-06-15 14:49:23

Ok. Point taken. And I would agree that it's a pain having a 2-step process. But it's a 2-step process I need to implement using FormsAuthentication.

Dead account 2009-06-15 14:56:50

A hidden styled div is your best bet then. I feel very bad for you; and this conversation has been fruitful. I didn't realize that anyone on the net did it any other way!

George Stocker 2009-06-15 15:15:22

+1 Thanks for your input aswell. Good to be challenged.

Dead account 2009-06-15 15:27:09

Yup. +1 back to the question for realizing that you aren't the designer, just the poor programmer that has to make this happen.

George Stocker 2009-06-15 15:30:20

Bank of America uses the two step process...first time I logged in after they changed to it I was so lost.

JoshBerke 2009-06-15 18:05:26

First Merit also has a two step process...they do this so they can display a sitekey which is an image you choose to represent their site. Helps against phishing attacks

JoshBerke 2009-06-15 18:06:16

Yes, a friend and I were talking about this. For initial login/other PCs having a 'two step process' CAN help. There are other ways; some of which I'll detail on my blog when I get a free moment.

George Stocker 2009-06-15 18:31:13

Answer 2

+4 A:

I'd sure style it with display:none long before rolling my own.

Jeffrey 2009-06-15 13:13:26

+1 Currently the best solution so far. Also can't use a hidden control either :(

Dead account 2009-06-15 13:23:20

Answer 3

+3 A:

What functionality do you want from the Login Control? I assume your rolling your own authentication mechanism? Are you really going to gain a lot by reusing the login control? If so set the style to display:none.

Edit

If you identify the user on a previous page why not show a disabled textbox with the username or part of the username in it? I've seen some banks do this where on the first page you put the login and maybee the state you live in, then it validates that, then shows you the first three characters of the login name, and your site key and asks for your password.

JoshBerke 2009-06-15 13:17:59

Yes, you're very close to what Im trying to do, except the UserId in this case is some crazy random string. I'll stick with the display:none, and if someone disables styles they'll see why I hid the field :)

Dead account 2009-06-15 13:46:32

Makes sense in your case, you should also make the textbox readonly so if they disable styles they can't easily muck with it.

JoshBerke 2009-06-15 13:52:02

+1 Readonly - good idea. I know that their user Guid is and am not reading from the field but it'll keep some messers at bay.

Dead account 2009-06-15 14:12:14

Answer 4

+1 A:

I haven't tested this, and it may sound a little silly, but you might be able to write a wrapper for the login control, like a UserControl with a LoginForm as a property - Then use the Init event to assign values from the controls you create to update the values onto the LoginForm (property)

If the property doesn't work, you might be able to put it on the page, but make it hidden.

Hugoware 2009-06-15 13:50:01

ansaurus

tags:

views:

answers:

ASP.NET Login control without a Username

related questions