Skip navigation
Menu
Security

Rem: Prompting Users to Reenter Their Password

Downloads
37721.zip

Do you have a scripting-related question or problem? You can send your question or problem to [email protected].

I'm using VBScript's InputBox function to prompt for a password, which I subsequently use to map a network drive. I would like the script to ask the operator to reenter the password in the event he or she enters the wrong password. I know I need to use a loop, but I'm stuck. Can you provide a sample script to point me in the right direction?

You're already heading in the right direction by recognizing that you need to use a loop of some sort. You'll be glad to hear that VBScript provides the looping construct you need in the form of the Do...Loop statement (aka Do loop). Why the Do loop? Because it lets you first run code in the body of the loop (i.e., the code between the opening Do and closing Loop keywords), then test for a specific condition afterward. In the context of what you're trying to accomplish, the basic scripting steps would go something like this:

  1. Begin the Do loop.
  2. Use the InputBox function to prompt for and fetch the password.
  3. Attempt to map the network drive.
  4. Check for the following error conditions:
    • If the mapping succeeds, exit the Do loop and continue.
    • If the mapping fails because of a logon failure, go back to the top of the loop.
    • If another type of error occurs (e.g., device is already in use), display the error information and exit the script.

The script in Listing 1, which uses VBScript and Windows Script Host (WSH), is an example of how you might implement these four steps. Listing 1 begins by setting VBScript's Option Explicit statement and declaring all the script's variables. Next, the script defines a constant named LOGON_FAILURE and sets the constant's value to the Windows error number that represents an unknown username or bad password. As callout A in Listing 1 shows, the script's username is fixed, so the script uses this constant to determine whether the password is valid based on the outcome of the WshNetwork object's MapNetworkDrive method. After defining the constant, the script initializes the variables.

The script's real work begins just before the Do loop, where it enables VBScript's On Error Resume Next statement. You must enable On Error Resume Next to use VBScript's Err object to check for the error that results from a bad password. Once inside the Do loop, the script uses the InputBox function to prompt the operator for the password. Unlike other loops with which you might be familiar, this form of the Do loop doesn't test a condition before entering and running the body of the loop. This characteristic of the Do loop makes the loop unique and ideally suited for solving your problem. Because the Do loop's body is guaranteed to run at least once, regardless of the condition, you don't have to use a second InputBox call before entering the loop.

After storing the password in strPassword, the script uses the MapNetworkDrive method to connect to the share. Immediately after the call to MapNetworkDrive, the script destroys the contents of strPassword, which is a good habit to get into for security reasons.

The Select Case statement near the end of the script uses the Err object's Number property to determine whether the MapNetworkDrive method succeeded. If Err.Number is 0, the method succeeded, which means the operator entered the correct password. In response, the script sets the value of bValidPassword to True, drops out of the Do loop, and continues running the rest of the code that you supply. If Err.Number is equal to the value of the LOGON_FAILURE constant, the script sets bValidPassword to False, clears the Err object, displays an appropriate error message, and repeats the Do loop. This process continues as long as the operator enters invalid passwords. If Err.Number is equal to a value other than 0 or the LOGON_FAILURE constant, the script echoes (i.e., displays) the error number and description and exits. If you want the script to carry out different actions according to different error numbers, you can add additional cases to the Select Case statement.

Before you use the script in Listing 1, you need to be aware that the InputBox function isn't an ideal way to prompt for sensitive data, such as a password. Anyone within close proximity to the workstation running the script can easily view the password that the operator enters into the input box. A better alternative is to use the Script Password (scriptpw.dll) component. However, this component is available only on Windows XP and later. For more information about the Script Password component, go to "Rem: Masking Passwords in Scripts," November 2001, http://www.winscriptingsolutions.com, InstantDoc ID 22712.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024
cleaning products
6 Essential Steps for Spring Cleaning Your Website
Mar 21, 2024