Prevent users from re-using previous passwords
Hi Ray, I'm now working on what you suggested above so that I can compare a submitted password with values stored in the database, as I want to stop users from re-using any of the last 10 passwords they've set. I've set up a password history table which records all updated passwords, added a recordset to the page and limited it to 10 rows, then added server validation to check if the submitted password is NOT like any of the passwords in the recordset. It always fails validation though, so not sure if I've got the validation syntax correct. I'm also not sure if it will loop through the recordset? Would you mind taking a look at the page for me to see what I've done wrong?
A further thought - should I be using the Unique Database value validation instead? If I did that though, how would I limit it to only check the passwords for that particular user since there's always the chance that more than one person has used "Password1!" or similar!