Asp.net：维护密码历史记录并阻止设置5个旧密码 [英] Asp.net: maintain password history and prevent to set 5 old password

问题描述

大家好，

我是asp.net的新手并试图创建一个应用程序，当时

重置密码用户不应该使用他的5旧密码。

但是我无法理解如何维护数据库中每个用户的密码历史记录。

Plzzz帮助我。



我尝试了什么：



这是我用于注册用户的表格



ID int

First_Name varchar2（50）

Last_Name varchar2（50）

密码varchar2 （50）

电子邮件varchar2（50）



我已完成此表的注册和登录页面。

这里是维护每个用户密码历史所需的更改。

Hi all,
I am new to asp.net and trying to create one application where at the time of
resetting password user should not able to use his 5 old passwords.
but I am not able to understand how to maintain the password history for each user in database.
Plzzz help me.

What I have tried:

this is the table I have for registration of user

ID int
First_Name varchar2(50)
Last_Name varchar2(50)
password varchar2(50)
email varchar2(50)

I have done the registration and login page with this table.
SO here what changes required for maintain the history of password for each user.

推荐答案

真的有很多方法可以做到这一点。你可能需要一张新桌子



用户（ID，First_Name，Last_Name，email）



密码（ID，用户ID，密码，活动（位））

Lots of ways of doing this really. You're probably going to need a new table though

User (ID, First_Name, Last_Name, email)

Passwords (ID, UserID, Password, Active (bit))

User
----
1 | John | Doe | me@here.com

Password
--------

1 | 1 | hello | 0
2 | 1 | world | 1

因此，用户1，Joe，当前密码为世界和以前的密码你好。您可能还需要该密码上的日期字段，该字段显示密码的创建时间。要获取当前密码，您只需使用密码加入用户



SELECT * FROM [用户] u JOIN [密码] p on p.UserID = u.ID和p。活动= 1



该方法需要Password表的UserID列上的索引。另一种选择是这样的



用户（ID，First_Name，Last_Name，email，PasswordID）



密码（ID，用户ID，密码）

So User 1, Joe, has a current password of "world" and a previous password of "hello". You'll probably want a date field on that Password too which shows when the password was created. To get the current password you just JOIN User with Password

SELECT * FROM [User] u JOIN [Password] p on p.UserID = u.ID and p.Active = 1

That method would need an index on the UserID column of the Password table. The alternative would be like this

User (ID, First_Name, Last_Name, email, PasswordID)

Passwords (ID, UserID, Password)

User
----
1 | John | Doe | me@here.com | 2

Password
--------

1 | 1 | hello
2 | 1 | world

然后要获取密码，您需要在用户的PasswordID上加入密码表。使用任何一种方法，您只需在创建新密码时检查旧密码，如果它们的历史记录超过5，则删除超过五分之一的密码。



此外，我希望您加密您的密码，而不是以纯文本格式存储。

Then to get the password you'd JOIN the Password table on the PasswordID on User. With either method you'd then simply check old passwords when creating new ones, and if their history exceeds 5 delete any beyond the fifth.

Also I hope you are encrypting your passwords and not storing them in plain text.

这篇关于Asp.net：维护密码历史记录并阻止设置5个旧密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！