Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!caen!ox.com!math.fu-berlin.de!unidui!unido!majestix!olm
From: olm@informatik.uni-kiel.dbp.de (Olaf Mehlberg)
Newsgroups: comp.lang.pascal
Subject: Re: Store password in exe file
Message-ID: <3233@snoopy.informatik.uni-kiel.dbp.de>
Date: 12 Apr 91 07:03:08 GMT
References: <26530@adm.brl.mil>
Organization: Universitaet Kiel, Germany
Lines: 27

In <26530@adm.brl.mil> ZCCBJSB%EB0UB011.BITNET@cunyvm.cuny.edu (Josep Sau B.) writes:

[ procedure for encryption deleted ]

>You have to read the crypted password from the file, filter it thru
>a simmilar function, and try to match it with user entered password.

To get at least little security:
filter the user entered password thru the encryption-procedure
and compare the result with the file. NEVER (not even in
memory) CREATE THE CLEAR-TEXT-PASSWORD.
If you need more information about password encryption and
password security, i suggest,
that you read the group sci.crypt. (Followup's should go there)

Olaf Mehlberg

standard-disclaimer .
------------------------------------------------------------------------
There are two methods for writing bug-free programms, but only the third
one will work.
------------------------------------------------------------------------
Christian-Albrechts-Universitaet Kiel, Institut fuer Informatik
Preusserstr. 1 - 9                   , D - 2300 Kiel 1
Phone: ++49-431-5604-42              , Fax: ++49-431-566143
EMail: olm@informatik.uni-kiel.dbp.de
------------------------------------------------------------------------