Password programming... RRS feed

  • General discussion




    i wanted to use a password program for a small application.


    although the application implementation code is not as i have mentioned.but the client side MFC application implements this logic:



    int main(void)


    char pin[4]; //this is the password




    if(pinIdea=='\b' || '\r')


    /* do some control activity







    //continue the loop procedures


    //check if pin is correct

    //if true return 1;

    //etlse return 0;

    return x;//0 or 1 ...



    Tuesday, November 6, 2007 5:31 AM

All replies

  • Don't you have to store the password in a file so that next time you log on it checks from there

    Also the file can only be accessed by your program only or else it might be modified by some other user
    Tuesday, November 6, 2007 9:14 PM
  • it need not store the password in any file...


    it simply validates the password.



    if at all the password has to be altered.there has to be a code that writes a new file; replaces the password;deletes the previous file;compiles and executes the new code.

    Friday, November 9, 2007 4:09 AM
  • You are just storing the raw password in code. It would take about 5 seconds to crack this.


    If you are just storing one password and you are going to give this software to a few friends, then the best method will be to store the password hash (checksum) in code and when the user enters the password, generate a new hash and compare them. Such an implementation cannot be cracked.


    Also, the way you get the password input by the user is not good, do something like this instead:


    Code Block

    int main(void)


    //assuming the pin is an integer

    int* pin = new int(1234), input;


    return input==*pin;



    In the above code, I didn't demonstrate how to hash the password and validate it, etc. I was just improving on your previous logic.

    Friday, November 9, 2007 5:50 AM