Read this article, which implements RC4 Symmetric encryption in VBScript.
http://www.4guysfromrolla.com/webtech/010100-1.shtml
I mimicked the idea by creating a Perl DLL which would encrypt a plain-text
password. The logic behind a symmetric encryption is that you provide a key
which would encrypt a plain-text password to an encrypted string. When you
pass the encrypted string to the encrypting engine, with the same key you
used to encrypt, you get the decrypted string back.
Now, what can be the key for your problem? Just treat the user's password
itself as the key that would hash itself. So if the user's password is :
rexarul, you encrypt it to some junk string using rexarul as the key.
This way, you need not ask the user again to type his/her key.
This works.
-- Rex
-----Original Message-----
From: Morbus Iff [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 4:09 PM
To: [EMAIL PROTECTED]
Subject: Storing a Decryptable Password?
I have a need to store a user's password in a configuration file:
- the password should NOT be in plain text.
- the password should be decryptable so that we
don't have to ask the user each time (as per
the common Unix crypt ideal).
Any ideas? There's always the cheap sort of rot13, binary, decimal sort of
madness, but I was looking for something a bit more "hard to deciper at a
glance". I know the inherent risks with having a decryptable, but I'll take
those over the obvious risks of plaintest stored passwords.
Thoughts?
--
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
