msvisual.com Forum Index
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Encryption

 
Post new topic   Reply to topic    msvisual.com Forum Index -> VB General Discussions
Author Message
LondonLad



Joined: 04 Oct 2007
Posts: 31
PostPosted: Wed Feb 27, 2008 9:36 am    Post subject: Encryption Reply with quote
Hi
I have a program that encrypts its password and stores this in the
registry.(OK I know this is not rocket science) but what I want to know is,
could I store this in the registry as a string of *
Convrt it like the PasswordChar does with VB Textbox and then change it back
to the encrypted Chars to Decrypt?

Archived from group: microsoft>public>vb>general>discussion
Back to top
View user's profile Send private message
MikeD



Joined: 04 Oct 2007
Posts: 3348
PostPosted: Wed Feb 27, 2008 12:52 pm    Post subject: Re: Encryption Reply with quote
"LondonLad" wrote in message @microsoft.com...
> Hi
> I have a program that encrypts its password and stores this in the
> registry.(OK I know this is not rocket science) but what I want to know
> is,
> could I store this in the registry as a string of *
> Convrt it like the PasswordChar does with VB Textbox and then change it
> back
> to the encrypted Chars to Decrypt?

No. If you save it to the registry (or whereever) as a string of *
characters, then that's all you're gonna get back when you read it. The
textbox caches the actual string and just displays the password chars. It
doesn't "convert" anything. Or at least that's what I presume.

--
Mike
Microsoft MVP Visual Basic
Back to top
View user's profile Send private message
Larry Serflaten



Joined: 04 Oct 2007
Posts: 2644
PostPosted: Wed Feb 27, 2008 12:02 pm    Post subject: Re: Encryption Reply with quote
"LondonLad" wrote
> I have a program that encrypts its password and stores this in the
> registry.(OK I know this is not rocket science) but what I want to know is,
> could I store this in the registry as a string of *
> Convrt it like the PasswordChar does with VB Textbox and then change it back
> to the encrypted Chars to Decrypt?

A. No, the characters aren't converted, the textbox hides them by showing only
the PW character. When you check its text property, the actual characters
are returned.

B. Don't decrypt the passwords. Let the user enter what they will, and encrypt
that for saving to the Registry. When you go to validate, again let the user
type in what they will and you again encrypt that. Then compare the two
encrypted values....

LFS
Back to top
View user's profile Send private message
Richard Mueller [MVP]



Joined: 04 Oct 2007
Posts: 49
PostPosted: Wed Feb 27, 2008 12:08 pm    Post subject: Re: Encryption Reply with quote
"LondonLad" wrote in message @microsoft.com...
> Hi
> I have a program that encrypts its password and stores this in the
> registry.(OK I know this is not rocket science) but what I want to know
> is,
> could I store this in the registry as a string of *
> Convrt it like the PasswordChar does with VB Textbox and then change it
> back
> to the encrypted Chars to Decrypt?

As noted, there should never be any need to decrypt the passwords. Even
better is to use a hash function. This is like encryption except it is very
difficult (hopefully impossible) to reverse. You compare hashed values to
determine if the user provided the correct password. Given the hashed value
you cannot determine the plaintext password.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--
Back to top
View user's profile Send private message
LondonLad



Joined: 04 Oct 2007
Posts: 31
PostPosted: Wed Feb 27, 2008 11:43 am    Post subject: Re: Encryption Reply with quote
Hi Richard
Thanks all for your posts, at the moment I decrypt to check the password,
but I will change to take on board Larry's point. But I am very interested in
your point on hashed values can you give me a snippet of code to work from
please.

"Richard Mueller [MVP]" wrote:

>
> "LondonLad" wrote in message
> @microsoft.com...
> > Hi
> > I have a program that encrypts its password and stores this in the
> > registry.(OK I know this is not rocket science) but what I want to know
> > is,
> > could I store this in the registry as a string of *
> > Convrt it like the PasswordChar does with VB Textbox and then change it
> > back
> > to the encrypted Chars to Decrypt?
>
> As noted, there should never be any need to decrypt the passwords. Even
> better is to use a hash function. This is like encryption except it is very
> difficult (hopefully impossible) to reverse. You compare hashed values to
> determine if the user provided the correct password. Given the hashed value
> you cannot determine the plaintext password.
>
> --
> Richard Mueller
> Microsoft MVP Scripting and ADSI
> Hilltop Lab - http://www.rlmueller.net
> --
>
>
>
Back to top
View user's profile Send private message
Michael Cole



Joined: 04 Oct 2007
Posts: 79
PostPosted: Thu Feb 28, 2008 1:47 pm    Post subject: Re: Encryption Reply with quote
LondonLad wrote:
> Hi Richard
> Thanks all for your posts, at the moment I decrypt to check the
> password, but I will change to take on board Larry's point. But I am
> very interested in your point on hashed values can you give me a
> snippet of code to work from please.

If you want to decrypt the password, then you can't use a hash. Do an
internet search on "hash algorythm" - lots of available reading...


--
Regards,

Michael Cole
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    msvisual.com Forum Index -> VB General Discussions All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group