Looking for an advice about password authentication
-
Hi i have build an application with dialog and buttons. Only i need to have administrator account that can modify smth in the application (not the source). So i decided to create a password verification box. The problem is what is the best way 2 do it? and how can i store the password outside the source but encrypted in a way so that noone can understand it and for the administrator to be able to change it at runtime? /\|-||\/|/\|)
-
Hi i have build an application with dialog and buttons. Only i need to have administrator account that can modify smth in the application (not the source). So i decided to create a password verification box. The problem is what is the best way 2 do it? and how can i store the password outside the source but encrypted in a way so that noone can understand it and for the administrator to be able to change it at runtime? /\|-||\/|/\|)
Do it Unix style using 1 way encryption or hashing. There are plenty of sites there that can offer detailed descriptions of how it works but basically it's like this. You take the password and hash it using something like MD5 or SHA-1, then you store that password in plaintext. Then when you want to authenticate your user in the program, you ask for the password, you take that password and hash it and then compare that hash with the stored hash, if they match, then it's probably the right password and you let them in. This should be pretty good, you can add "salting" or a random string to the password if you want to prevent precompiled dictionary attacks... Take a look at http://www.codeproject.com/cpp/csha1.asp [^]