Pankaj Pawar

Pankaj Pawar

  • NA
  • 116
  • 10.5k

password is showing in view source of browser in asp.net 4.0

Feb 21 2016 8:16 AM
i am using (remember me username and password when i login next time ) it working well when i login next time , both username and password automatically filled but the problem is when i click on on viewsource of browser it showing the password as plain text like  
<input name="PasswordForLogin" type="password" id="PasswordForLogin" value="123" />  
 
i am using this code below
 
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.Cookies["username"] != null)
{
UsernameForLogin.Text = Request.Cookies["username"].Value;
}
if (Request.Cookies["password"] != null)
{
PasswordForLogin.Attributes["value"] = Request.Cookies["password"].Value;
}
if (Request.Cookies["username"] != null && Request.Cookies["password"] != null)
{
CheckBox1.Checked = true;
}
 
}
}
// and login button 
 
protected void Button3_Click(object sender, EventArgs e)
{
if (UsernameForLogin.Text != "" && PasswordForLogin.Text != "")
{
string str = "select * from Users where sloginname=@sloginname and spassword=@spassword";
con.Open();
SqlCommand cmd = new SqlCommand();
cmd.Parameters.AddWithValue("@sloginname", UsernameForLogin.Text);
cmd.Parameters.AddWithValue("@spassword", PasswordForLogin.Text);
cmd.Connection = con;
cmd.CommandText = str;
SqlDataReader rdr;
rdr = cmd.ExecuteReader();
if (rdr.Read())
{
if (CheckBox1.Checked == true)
{
Response.Cookies["username"].Value = UsernameForLogin.Text;
Response.Cookies["password"].Value = PasswordForLogin.Text;
Response.Cookies["username"].Expires = DateTime.Now.AddDays(15);
Response.Cookies["password"].Expires = DateTime.Now.AddDays(15);
}
else
{
Response.Cookies["username"].Expires = DateTime.Now.AddDays(-1);
Response.Cookies["password"].Expires = DateTime.Now.AddDays(-1);
}
Session["username"] = rdr[3].ToString();
Session["password"] = rdr[4].ToString();
Session["Studentid"] = rdr[0].ToString();
Session["firstname"] = rdr[1].ToString();
Session["lastname"] = rdr[2].ToString();
Response.Redirect("~/users_main.aspx");
}
else
{
Label2.Visible = true;
Label2.ForeColor = System.Drawing.Color.Red;
Label2.Text = "re-enter username or password";
}
con.Close();
}
else
{
Label2.Visible = true;
Label2.ForeColor = System.Drawing.Color.Red;
Label2.Text = "please enter username or password both";
}
}
thanks for the help 
 

Answers (2)