Microsoft KB Archive/205672

= FrontPage does not accept blank password =

Article ID: 205672

Article Last Modified on 7/10/2006

-

APPLIES TO


 * Microsoft FrontPage 2000 Standard Edition

-



This article was previously published under Q205672





For a Microsoft FrontPage 98 version of this article, see 194233.



For a Microsoft FrontPage 97 version of this article, see 163587.



SYMPTOMS
When you open a web and attempt to leave the Password box blank in the "Name and Password Required" dialog box, FrontPage repeatedly prompts you to type a name and password.



CAUSE
Microsoft FrontPage requires that you provide a name and password to determine whether or not you have administrative or authoring privileges in a specific Web.

Privileged accounts with blank passwords are security threats. FrontPage is designed to not support them.



RESOLUTION
Use the Windows NT User Manager to add a password to the account. When FrontPage prompts you for your name and password, type the password that you used in the Windows NT User Manager.

Note When you change security information on an Internet Information Server (IIS), stop and restart all IIS services to ensure that the server is not validating cached information.



WORKAROUND
This workaround exposes your server to potential security issues.

To work around this problem, enable Windows NT Challenge/Response (NTLM). If your Windows NT account allows you to use a blank password, and your account is granted author or administrative permission to a FrontPage Web, you will not be asked to enter a password. If your Windows NT account is not granted permission to the FrontPage Web, FrontPage will prompt you for a valid user name and password.

Note If prompted for credentials, the account entered must have a password that is not blank.



MORE INFORMATION
The fact that FrontPage does not support blank passwords is not generally an issue with servers that are not derived from IIS, because FrontPage does not allow you to add an account that does not have a password. Servers related to IIS can use the Windows NT account to validate your rights to a Web. When FrontPage manages rights to a Web on servers derived from IIS, password information is never specified. While it is possible to log on to a Windows NT account with a blank password, FrontPage will not pass validation information unless the password field is completed.

The following servers are derived from IIS:

Microsoft Internet Information Server

Microsoft Peer Web Services for NT 4.0 Workstation

Microsoft Personal Web Server

Additional query words: FP2K FP2000

Keywords: kbprb KB205672

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.