RE: How to allow users to change their password?

Hi.

> How does a user change her/his password after I create the username?

Allow the user to do it himself. Create a form with a text box for the User
ID and three more text boxes: the old password, the new password, and to
verify the new password. Use the CurrentUser( ) method to automatically fill
in the User ID text box. All of the password text boxes will have the
"Password" input mask so no one can look over the user's shoulder to read the
password.

Once the user has typed the passwords correctly (verify that the new
password matches in both "New Password" text boxes), the form calls your
ChangePassword( ) function that you will write. You will find code that uses
the NewPassword( ) method to reset a User's password in section 5, "How can I
clear a user's forgotten password?" of the Security FAQ on the following Web
page:

http://support.microsoft.com/default.aspx?scid=/support/access/content/secfaq.asp#_Toc493299666

This code sets the User's password to an empty string, but you should change
the code to use the variable for the new password, instead. You'll need to
add error handling and to set the object variables to Nothing to release
memory before the function exits.

If the user types an invalid password, the password change will fail, so you
won't have people accidentally changing other people's passwords while using
this form. This password form can be set up to be opened by a button on
another form that the users have access to. That way, no custom toolbar need
be set up to provide the Security dialog window for password changes.

> Also, please correct me if I'm wrong, but to _change_ a
> user's password for her/him, I'll have to login using their login
> name/password first.

If you want to use the Security dialog window to change the password, then
you'll have to sign in as that user first. However, the owner of the
database and members of the Admins group can programmatically change other
user's passwords with the NewPassword( ) method while signed in under their
own User ID's.

> Logged in as myself (with all the privileges), I can only _clear_ the
> password of another user, but cannot _change_ it.

Then all is right in the world. No user can arbitrarily change someone
else's password with that GUI.

HTH.

Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips.

(Please remove ZERO_SPAM from my reply E-mail address, so that a message
will be forwarded to me.)
Beware to those who use munged addresses: known newsgroup E-mail harvesters
for spammers are Ripley@xxxxxxxxxxxxxxx and scott@xxxxxxxxxxxxxxxxxx

- - -
When you see correct answers to your question posted in Microsoft's Online
Community, please sign in to the Community and mark these posts as "Answers,"
so that all may benefit by filtering on "Answered questions" and quickly
finding the right answers to similar questions. Remember that questions
answered the quickest are often from those who have a history of rewarding
the contributors who have taken the time to answer questions correctly.


"Amit" wrote:

> MS Access 2K, Windows XP
> ====================
> Hi,
>
> So, crossed the first hurdle of testing the security setup and splitting the
> secured database. Thanks, Joan, TC, David, Rick and others who patiently
> answered my questions over the past couple of weeks.
>
> I have some more questions regarding password for a user (who only has
> permissions to use the Forms and not make any design changes to db objects).
>
> How does a user change her/his password after I create the username? The way
> my database is set up, they won't be seeing the Tools option in the menu as I
> have the following unchecked - "Display database window", "Allow full menus",
> "Allow Built-in toolbars" and "Use Access Special Keys".
>
> Does that mean all password change/reset request from users will have to go
> through the data admin? Meaning they tell me the new password, and I go in
> and set it for them? Also, please correct me if I'm wrong, but to _change_ a
> user's password for her/him, I'll have to login using their login
> name/password first.
> Logged in as myself (with all the privileges), I can only _clear_ the
> password of another user, but cannot _change_ it.
>
> Is it OK for a data admin person to be privy to all passwords?
> The other option is that whenever someone needs to change her password, it
> will entail me making a trip to their desktop and logging in as them with the
> "shift" key pressed to make the Menu options visible.....which I'm not sure I
> like.
>
> Am I missing something here?? Is there a simpler way to do this?
>
> Thanks.
>
> -Amit
.