Password fields
A Password field is a text field that maintains a user's privacy by displaying each character a user enters as an asterisk on the screen. The contents of the Password field are not secure, and the data is visible in the Document Properties box from the Notes® client. There are several ways to secure the contents of a Password field. If you are using the Password field as a method for securing an application, the best way to secure the contents of a Password field is not to save the contents after the entry is verified. This can be done using a formula that clears the field once it's been verified. You can use the input translation event or a LotusScript® QuerySave event.
Example: Using an input translation formula
This formula is an input translation formula for a Password field. When the user enters a password, Domino® looks up the user in the Domino® Directory and gets the user's HTTPPassword field. Then, it compares the value that the user inputs into the field with the HTTPPassword field. If the values match, it presents a prompt saying "You passed." If the values do not match the prompt says "You entered an incorrect password."
x:=@DbLookup("";"Server/Acme":"names.nsf";"($Users)";@Username;"HTTPPassword");
REM "This compares the preceding value to the value the user entered after running it through the @Password hash function and prompts the user whether they typed in a valid password or not.";
@if(@isError(x);@Prompt([OK];"Error";"Error");@Password(Password) = x;@Prompt([OK];"You passed";"You passed");@Prompt([ok];"Password failure";"You entered an incorrect password"));
REM "This deletes the password field.";
@Unavailable
Example: Using a QuerySave event
This script determines whether the Password field contains a password. If it does it gets the name of the author of the document and puts the abbreviated form of the name into the PublicEncryptionKeys field. This effectively encrypts the Password field with the author's public key. This does not involve a lookup to the Domino® Directory to get the key. It is retrieved from the user's ID file.
Dim doc As NotesDocument
Dim db As NotesDatabase
Dim session As New NotesSession
Set db = session.CurrentDatabase
Set uidoc=Source
Set doc=source.Document
If doc.GetItemValue("Password")(0) <> "" Then
Set PkName = New NotesName(doc.GetItemValue("Author")(0))
Call doc.ReplaceItemValue("PublicEncryptionKeys", PkName.Abbreviated )
End If
Example 2: Using a QuerySave event
This script determines whether one or more password fields contains a password. If one of the fields does contain a password, the script gets the values from the Author field and the OtherEditors field (which might contain a group) and expands the OtherEditors field so that it has names and puts the abbreviated form of the name into the PublicEncryptionKeys field. This effectively encrypts the password field with the public keys for all unique entries in the two fields. This does involve a lookup to the Domino® Directory to get the keys for each of the users listed, unless the only value is the name of the current user. If there is more than one name to look up, then it finds the public keys from the Domino® Directory. If the only key to look up is the author's, it is retrieved from the user's ID file.
Dim s As New NotesSession
Dim db As NotesDatabase
Dim doc As NotesDocument
Set db = s.CurrentDatabase
Dim uidoc As notesuidocument
Set uidoc=source
Set doc = uidoc.document
If (doc.GetItemValue("Password1")(0) <> "") Or (doc.GetItemValue("Password2")(0) <> "") Then
Call doc.ReplaceItemValue("PublicEncryptionKeys",_
Evaluate(|@Name([Abbreviate];@Unique(Author:OtherEditors))|,doc))
End If