Making a Password?

5 comments, last by Endemoniada 20 years, 1 month ago
Hi guys, is there a general tutorial on making passwords? I guess it would fall under encryption? I have a Windows program and want the user to be able to save a password for something he locks, but the thing I don't understand is how to save the password itself. That must be encrypted and then the user types the password and I see if it matches? But then if someone knows how the passwords are encoded he can crack them all. I don't get it. I made a cool way to encrypt the 'sensitive' data but I don't understand how the password to un-encrypt it works. Any practical tutorial links would be appreciated.
"But then if someone knows how the passwords are encoded he can crack them all. I don't get it."

Sorry, I don't have any links for you, but I think the encryption scheme for most password systems uses a one-way encryption technique, i.e., you can encrypt but can't decrypt.
You don't want to encrypt the password, because encryption is two way and can be undone as you guessed. The proper term for what you want is 'hashing', which turns some input (a password) into an apparently random output (the hash), and is not reversible. A common hashing algorithm is MD5.
"Walk not the trodden path, for it has borne its burden." -John, Flying Monk
You can also encrypt a piece of known text (such as the username), using the password as the key.
Basically you can see the mechanism for how the entered password is used to treat the data, and how the encryption works. However without the value it doesn't help. Imagine you have a number as a passcode, and the program decrypts the data using:
x=passcode
decrypt with sin(tan(x))^log(x)....
Then despite knowing the method, unless you can solve that equation you're stuck. Often, large factorisations are used, i.e. find a non-prime factor of 123478348723918798765745 - you even know what you need to get but finding it takes a LONG time!!
You could look into md5 hashing. http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html has a few different implementations in different languages.
Standard practice for storing passwords is to store a one-way hash of the password string prepended with a salt string. Salts are used to prevent dictionary attacks against the password database. Usually the hashing algorithms used are MD4, MD5 and SHA, though MD4 seems to be falling out of favor in recent years. On most search engines the keywords "password salt hash" are sufficient to get you sample code examples for storing passwords in a database.
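
The salted-hash storage described in the last reply, as an added example that is not part of any post in this thread. It uses PBKDF2-HMAC-SHA256 from Python's standard library in place of a single MD5 or SHA pass; the record format, function names and iteration count are assumptions made for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 200_000   # assumed work factor for this example; tune for your hardware
SALT_BYTES = 16        # random per-password salt length


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Build the string to store: 'iterations$salt_hex$hash_hex'.

    Only the salt and the derived hash are stored, never the password.
    A fresh random salt is generated unless one is passed in.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Re-derive the hash from the typed password and the stored salt, then compare."""
    try:
        iter_s, salt_hex, hash_hex = record.split("$")
        iterations = int(iter_s)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed or truncated record
    if iterations < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    stored = make_record("correct horse")      # constructed sample password
    print(stored)
    print(verify("correct horse", stored))     # right password
    print(verify("battery staple", stored))    # wrong password
    # Same password, new salt: the stored record differs, so one precomputed
    # dictionary of hashes cannot be reused across records.
    print(make_record("correct horse") == stored)
```
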

This topic is closed to new replies.
