Setting the value of Password Fields in ASP.NET 2.0 (a tip and rant rolled up into 1)

Posted by: David Silverlights XML and .NET GrokSpot, on 11 Aug 2005 | View original | Bookmarked: 0 time(s)

     I just learned a great tip for setting the value of a password field in asp.net.  For those of you who have ever attempted to work with a TextBox where the TextMode is set to password, I feel your pain.  For some reason, you can't set the text value the way that you normally would by setting the Text Property.  I have spent time searching far and wide and every single post that I have come across says the same two things.

a) You can't set the text property of a Password Type field for security reasons. 

b) Okay, you can set the text property, but you have to do it in the form of setting an attribute of the text box.   The typical format is:

     txtPassword.Attributes.Add("value", PasswordString)

Now, let me address these two points seperately.  First, ummmm well thanks for protecting me.  The last time I had protection like this, the "protectors" wore business suits and dark glasses and helped protect the whole neighborhood.  But I digress... My question is, Do you have to protect me on every single postback  I can understand that I might have to set the attribute on the Page_Load event, but is it really protecting me by having the user retype it every single time  In my scenario, the next field is a drop-down box.  When the user clicks on the drop down to select a value, the password they just typed is cleared out.  All of this protection having a negative affect on the usability of my form.  I keep telling the user that they are doing something wrong, but they are starting to suspect it is really the fault of the my app.

Regarding the second point, yes you can store it away and set the attribute property of the textbox, but the place to store it is quite unclear to me.  It would have to be some place that occurs before each PostBack.  I tried using the Page_Unload event, but it is too late to keep it in the ViewState.  I considered using a session variable, but that is just wrong..  A hidden field  Well, the user can go into view source and see it as clear text.

So, it took me only about 10 minutes to build the whole form and then an additional 27 zillion hours to find out how to keep the value of the Password field.  Fortunately, one of my colleages in a nearby cubicle and a wiser programmer than I (Jeff Kwak) offered this simple and elegant solution. Here goes....

Protected Sub txtPassword_PreRender(ByVal sender As Object, ByVal e As System.EventArgs) Handles txtPassword.PreRender

     txtPassword.Attributes("value") = txtPassword.Text

End Sub

It works beautifully!  Thanks Jeff.

 

 

 

Category: ASP.NET | Other Posts: View all posts by this blogger | Report as irrelevant | View bloggers stats | Views: 11164 | Hits: 42

Similar Posts

  • Using T4 Templates for Simple DTOs more
  • CS Dev Guide: SiteSettings more
  • November 2004 -- AZGroups.com Tips/Tricks more

News Categories

.NET | Agile | Ajax | Architecture | ASP.NET | BizTalk | C# | Certification | Data | DataGrid | DataSet | Debugger | DotNetNuke | Events | GridView | IIS | Indigo | JavaScript | Mobile | Mono | Patterns and Practices | Performance | Podcast | Refactor | Regex | Security | Sharepoint | Silverlight | Smart Client Applications | Software | SQL | VB.NET | Visual Studio | W3 | WCF | WinFx | WPF | WSE | XAML | XLinq | XML | XSD