FrontPage does not accept blank password (205672)


The information in this article applies to:

  • Microsoft FrontPage 2000
This article was previously published under Q205672

For a Microsoft FrontPage 98 version of this article, see 194233.
For a Microsoft FrontPage 97 version of this article, see 163587.

SYMPTOMS

When you open a web and attempt to leave the Password box blank in the "Name and Password Required" dialog box, FrontPage repeatedly prompts you to type a name and password.

CAUSE

Microsoft FrontPage requires that you provide a name and password to determine whether or not you have administrative or authoring privileges in a specific Web.

Privileged accounts with blank passwords are security threats. FrontPage is designed to not support them.

RESOLUTION

Use the Windows NT User Manager to add a password to the account. When FrontPage prompts you for your name and password, type the password that you used in the Windows NT User Manager.

Note When you change security information on an Internet Information Server (IIS), stop and restart all IIS services to ensure that the server is not validating cached information.

WORKAROUND

This workaround exposes your server to potential security issues.

To work around this problem, enable Windows NT Challenge/Response (NTLM). If your Windows NT account allows you to use a blank password, and your account is granted author or administrative permission to a FrontPage Web, you will not be asked to enter a password. If your Windows NT account is not granted permission to the FrontPage Web, FrontPage will prompt you for a valid user name and password.

Note If prompted for credentials, the account entered must have a password that is not blank.

MORE INFORMATION

The fact that FrontPage does not support blank passwords is not generally an issue with servers that are not derived from IIS, because FrontPage does not allow you to add an account that does not have a password. Servers related to IIS can use the Windows NT account to validate your rights to a Web. When FrontPage manages rights to a Web on servers derived from IIS, password information is never specified. While it is possible to log on to a Windows NT account with a blank password, FrontPage will not pass validation information unless the password field is completed.

The following servers are derived from IIS:

Microsoft Internet Information Server
Microsoft Peer Web Services for NT 4.0 Workstation
Microsoft Personal Web Server

Modification Type:MajorLast Reviewed:7/10/2006
Keywords:kbprb KB205672
©2004 Microsoft Corporation. All rights reserved.