Compartir a través de


Manager.HasSavedPassword

Manager.HasSavedPassword

The HasSavedPassword property indicates whether the Microsoft .NET Passport user's password was saved. The HasSavedPassword property also indicates whether the user selected the option on the .NET Passport Login page to be signed in automatically.

Syntax

Property Manager.HasSavedPassword As Boolean

Property value

Boolean value. The value is True if the current user's Ticket indicates the user has chosen to save a password on the .NET Passport Login page as of the last Ticket refresh. The value is False if the user has not chosen to save a password on the .NET Passport Login page.

Example

The following Microsoft Visual Basic Scripting Edition (VBScript) code snippet uses HasSavedPassword to check for the Saved Password flag in the user's Ticket. 

...
'Create a Passport Object
Set oMgr = Server.CreateObject("Passport.Manager.1")

If oMgr.HasSavedPassword Then
    Response.Write ("<br>You saved your password!.")
Else
    Response.Write ("<br>You did not save your password!.")
 
End If
...

Remarks

The HasSavedPassword property is read-only. Microsoft .NET Passport users can choose to save passwords to avoid being prompted to enter credentials when revisiting a site. With the password saved, the network-issued "MSPSec" Ticket-Granting cookie persists across sessions and holds the encrypted password. All other .NET Passport cookies persist across sessions as well when this setting is enabled. When the HasSavedPassword property is set, the user remains signed in to .NET Passport on that computer until the user explicitly signs out by clicking Sign Out.

Closing a browser will not destroy cookies, and when a new session begins, the user will automatically be signed in whenever possible using saved credentials. The domain authority cookies are refreshed as often as necessary to meet site requirements, but the user never sees the Login page or enters a sign-in name and password again, with the following exception:

If any Passport Manager properties or methods that connect to the Login server are called with ForceLogin set to True, then the user will have to manually enter a password on the Login server Sign-in page. This allows participating sites to always ensure that a user's credentials are valid even with password saved for cases in which a site considers a persistent sign-in to be too great a security risk. For example, a site might use .NET Passport authentication as authorization for access to bank records, and might consider it to be in their customers' best interests to always manually verify the authentication before displaying such data. Checking for HasSavedPassword allows a site to present special pages for users who have saved passwords and to explain why the saved password did not automatically allow access on this particular site.

Check IsAuthenticated before checking HasSavedPassword. Calling the HasSavedPassword property for an unauthenticated user results in a run-time error.

See Also

Passport Manager Object