tags:

views:

94

answers:

2
+2  Q: 

how to validate usename and password from a text file form

I have a login form that has Username and password as inputs from user and I want to validate these login credentials from a text file. How can I do it? I know how to write data and read data..but how to read only specific data.or check whether username password combination exists or not.

+1  A: 

Skipping over the bad practice of storing passwords in a text file (especially if it isn't encrypted) you will need to come up with some sort of file format.

A very basic file could be like an ini file that you read:

[users]
username1=password1
username2=password2

Your algorithm would look for the [users] header, then read each line, split the line on the equal sign and compare the information and keep reading until you find a match, the end of the file, or possibly another section.

I'm not sure if you have ever worked with user authentication before but it is considered bad practice to store passwords in plain text because of the serious security issue if they are compromised. You generally want to use a one-way hash (like SHA-1 or SHA-256) to hash the users password (possibly with a known salt) and send that to your application and store that instead. That way you never know the actual password even if you are compromised in some way.

Joshua  2010-04-15 01:02:54
Actually I am making a web browser...and every user has to log in before using the browser..so I thought to store information in a text file...I am very new to programming..So I should use a if condition or something...to check that username password combination....under that header..your help appreciated
Ani  2010-04-15 01:12:53
+1  A: 

Is there any reason you have to use a plain text file? As Joshua says this is a poor way to store security information.

In .NET a standard approach is to use an application configuration file to store username/password (eg. app.config or web.config) and encrypt the password using the Data Protectction API (DPAPI) or the System.Security.Cryptography.ProtectedData class.

Jon Galloway provides a decent tutorial on how to do this.

Ash  2010-04-15 01:14:19
The only reason is I am very new to this....Is there any source where I can learn DPI as you and Joshua mentioned..
Ani  2010-04-15 01:18:32
I ll try to look on msdn library to figure out. how to use app.config
Ani  2010-04-15 01:20:48
@Ani, see the linked page.
Ash  2010-04-15 01:21:25
@Ash yes I saw it after i commented..Thanks a lot..
Ani  2010-04-15 01:23:32

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?