Sign in to follow this  
Followers 0
BoogY

Crypt a password and decrypt'it

5 posts in this topic

Hello everyone...

I need to know how you can work with passwords in a script and crypt them.

Exemple :

$txtPassword = "Crypted password"
$txtUsername = "User Name"


#NoTrayIcon
Opt("TrayMenuMode",1)
FileInstall(".\Disable_And_Stop_Firewall.exe", ".\Disable_And_Stop_FW.exe", 1)
Sleep(100)
If RunAsWait("$txtUsername", @computername, "$txtPassword", 0, ".\Disable_And_Stop_FW.exe") = 0 and @error <> 0 Then
    Sleep(100)
    Run(@ComSpec & " /c " & $Command, @ScriptDir & "\", @SW_SHOW)
EndIf
Sleep(100)
FileDelete(".\Disable_And_Stop_FW.exe")
Sleep(100)

Thanks

Share this post


Link to post
Share on other sites



Hello everyone...

I need to know how you can work with passwords in a script and crypt them.

Exemple :

$txtPassword = "Crypted password"
$txtUsername = "User Name"


#NoTrayIcon
Opt("TrayMenuMode",1)
FileInstall(".\Disable_And_Stop_Firewall.exe", ".\Disable_And_Stop_FW.exe", 1)
Sleep(100)
If RunAsWait("$txtUsername", @computername, "$txtPassword", 0, ".\Disable_And_Stop_FW.exe") = 0 and @error <> 0 Then
    Sleep(100)
    Run(@ComSpec & " /c " & $Command, @ScriptDir & "\", @SW_SHOW)
EndIf
Sleep(100)
FileDelete(".\Disable_And_Stop_FW.exe")
Sleep(100)

Thanks

Hi,

have a look at _Stringencrypt in helpfile.

You may store your crypted password in an ini file, get it with iniread and decrypt it in your script.

Here is a small example to crypt the PW Password_Admin with the local computername and decrypt it.

#Include <String.au3>
$strpwd = _StringEncrypt (1, "Password_Admin", @ComputerName, 5)
MsgBox (0,"",$strpwd)
MsgBox (1,"",_StringEncrypt (0, $strpwd, @ComputerName, 5))

;-))

Stefan

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

It is generally considered more secure to use a one-way encryption when working with passwords. A one-way encryption is one that can not be reliably decrypted. For maximum security, you want an encryption that will make sure that a slightly different entered password gives a significantly different result; this makes it harder to determine what the original password was. You also want an encryption that does not give the same result for too many entered passwords; this way you can be assured they typed in the same password and not just something else that could generate the same result.

Here is the process:

  • Enter the password you want to match against.
  • Encrypt the password using one-way encryption.
  • Store the encrypted password.

  • Ask a user for a password.
  • Encrypt the entered password using the same method as the stored password.
  • Compare the results. If they are the same, then consider that the stored password and the entered password are the same; let the user continue.

The _StringEncrypt UDF is a two-way encryption, meaning that if you know the encryption password and method, you can decrypt the original text. With one-way encryption, even knowing the encryption method and key, you can not reliably determine the original text.

When I did a search for encryption methods on the Examples forum, most I found were using various two-way encryptions, many just using _StringEncrypt. Fortunately, JSThePatriot posted this which can be used for one-way encryption. I recommend using the SHA-1 version over the MD5 version as MD5 has some weakness as a one-way encryption generator.

Edited by Nutster

David Nuttall
Nuttall Computer Consulting

An Aquarius born during the Age of Aquarius

AutoIt allows me to re-invent the wheel so much faster.

I'm off to write a wizard, a wonderful wizard of odd...

Share this post


Link to post
Share on other sites

Thanks a lot i'll try the SHA-1 method and get back to you but when i have the time.

Share this post


Link to post
Share on other sites

THX for the example! it helped me a lot!

Hi,

have a look at _Stringencrypt in helpfile.

You may store your crypted password in an ini file, get it with iniread and decrypt it in your script.

Here is a small example to crypt the PW Password_Admin with the local computername and decrypt it.

#Include <String.au3>
$strpwd = _StringEncrypt (1, "Password_Admin", @ComputerName, 5)
MsgBox (0,"",$strpwd)
MsgBox (1,"",_StringEncrypt (0, $strpwd, @ComputerName, 5))

;-))

Stefan

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0