How to retain the PASSWORD field values during postback?

  • Thread starter Thread starter J Sahoo
  • Start date Start date
J

J Sahoo

Hello,
I have a registration page where I am collecting user information
(username, password, last name, age, etc...). I made the password
field as PASSWORD (field type from the textbox). If user leaves any
field and presses the SUBMIT button, Then the edit checks are
performed and if any Error occurs I show the error messge, (a
postBack occured), now I loose the value of the password (what the
user had entered) the password field is RESETed (blank).

So how do I keep the value of the password in each postback without
reseting? Otherwise user has to enter the password again and again
(everytime an error occurs or postback occurs).

Thank you.

Sahoo J
 
Short answer is, you don't. Persisting a password field is a security hole.
In fact, if you use your browser's back button to go back to a page that has
a password field in it, the value will be blank, even on the client. I would
recommend storing it in Session or something like that on the server.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
 
in the code behind

password.Attributes["value"] = password.Text;

-- bruce (sqlwork.com)
 
this is normal behaviour, but here is a good reply from a previous post:

------------

Sending the password in plain text to the browser is a bad idea from a
security standpoint so the default security settings discourage it.
(Anybody can do a view source for the page
and see the password)

However there is a workaround if you're determined. You can set the
password text via client side script.
Here's the simplest example I've seen:

MyPWTextBox.Attributes.Add("value", strPassword)

This server side code outputs the needed client side code
 
Read the value during postback and dump the value back to the control
during onPreRender.
 
Back
Top