Earlier in this chapter we looked at how it was possible to use the CreateWorkspace method to allow us to act in the security context of another user. One potential use of this is to allow us to create a procedure that lists all of the groups to which the current user belongs. The potential problem is that only members of the Admins group have permission to view this information. See if you can write a procedure that lists all of the groups to which the current user belongs even if the user is not a member of the Admins group.
The password form we created in this chapter is still fairly rudimentary. You can probably think of many ways to improve it. For example, some security systems force you to change your password at monthly intervals and will not allow you to reuse any of your, say, five previous passwords. See if you can modify the password form so that it enforces these two rules.
Hint : If you decide to store users' passwords in a table you need to make sure that you will be able to read the table from code, but that normal users won't be able to read the data in the table.