Adding a count to lock a user if too many password attempts is reached


My code:

Func _PasswordCheck()
    $bPasswordHash=(FileReadLine($sav, 5))
    $bMasterPasswordHash=(FileReadLine($sav, 6))
    $sPassword=InputBox("Login","Enter Password      "&(FileReadLine($sav, 5)),"",'',320,100)
    If _Crypt_HashData($sPassword,$CALG_MD5)="0x"&$bPasswordHash or _Crypt_HashData($sPassword,$CALG_MD5)="0x"&$bMasterPasswordHash Then
    Else
        MsgBox(16,"Access Denied","Password Incorrect!")
    EndIf
EndFunc

So when a user continues to get the MsgBox "Access Denied" I want to lock them out after a certain # of attempts has passed. Essentially, I want after X times to have a pop-up happen saying "too many failed attempted logins have occurred". I feel like a dolt. I know this is simple somewhere. :blink:

Thanks everyone!

Edited by Thudo

Something like this?

Switch _PasswordCheck()
    Case 1
        MsgBox(0, "Result", "Login Correct")
    Case 0
        MsgBox(0, "Result", "Login Cancelled ")
    Case -1
        MsgBox(0, "Result", "Failed 3 times lock out user")
EndSwitch

Func _PasswordCheck()
    Local $iXTimes = 3, $iCount = 1
    While 1
        Local $sPassword = InputBox("Login", "Enter Password", "", "", 320, 100)
        Select
            Case $sPassword = "Correct"
                Return 1
            Case $iCount = $iXTimes
                MsgBox(16, "Access Denied", "Too many failed attempted logins have occurred !")
                Return -1
            Case $sPassword = ""
                If @error = 1 Then Return 0
            Case Else
                MsgBox(16, "Access Denied", "Password Incorrect!" & @CR & "You have " & $iXTimes - $iCount & " tries left")
                $iCount += 1
        EndSelect
    WEnd
EndFunc   ;==>_PasswordCheck
Edited by Yoriz
GDIPlusDispose - A modified version of GDIPlus that auto disposes of its own objects before shutdown of the Dll using the same function Syntax as the original.
EzMySql UDF - Use MySql Databases with autoit with syntax similar to SQLite UDF.

Thanks - this helped me out - I was looking for exactly this tonight.

Do you want to reverse the order of two of the cases such that checking for the proper password comes first?

This way if you get it on the last attempt it still recognizes it.

Case $sPassword = "Correct"
    Return 1
Case $iCount = $iXTimes
    MsgBox(16,"Access Denied", "Too many failed attempted logins have occurred !")
    Return -1

Ed


Well spotted EdWilson, I have switched them around in the original post, as suggested.


Forgive my ignorance but where does:

If _Crypt_HashData($sPassword,$CALG_MD5)="0x"&$bPasswordHash or _Crypt_HashData($sPassword,$CALG_MD5)="0x"&$bMasterPasswordHash Then
fit in there? Password has to be validated by the encryption. :blink:

Ah and can you also compensate for the user hitting the ESC key and when user hits OK just leaving the input box blank it should count as an invalid login? Hitting ESC bypasses the prompt. Huge security flaw. ;)

Now have to figure out how to lock the user's mouse/keyboard to the login prompt during and after the logins have failed.

Really appreciate this help!

Edited by Thudo

I don't know what _Crypt_HashData returns but the code checks the password is correct with this line so alter it to suit.

Case $sPassword = "Correct"

To have ESC key and when user hits OK just leaving the input box blank count as an attempt to login just comment out the following.

Case $sPassword = ""
    If @error = 1 Then Return 0

Locking the mouse/keyboard sounds a bit harsh, why not just set that user to disabled, then once that user account has been investigated it can be re-enabled or lock it out for a certain time or something.


I don't know what _Crypt_HashData returns but the code checks the password is correct with this line so alter it to suit.

Case $sPassword = "Correct"

Return Value

Success: Returns hash or hash object if $fFinal=False
         Sets @error to 0
Failure: Returns -1 and sets @error:
         1 - Failed to create hash object
         2 - Failed to hash data
         3 - Failed to get hash size
         4 - Failed to get hash

I'm still figuring out where to put it in your code. ;)

To have ESC key and when user hits OK just leaving the input box blank count as an attempt to login just comment out the following.

Case $sPassword = ""
    If @error = 1 Then Return 0

Yep worked great!

Locking the mouse/keyboard sounds a bit harsh, why not just set that user to disabled, then once that user account has been investigated it can be re-enabled or lock it out for a certain time or something.

Yeah harsh I know but security wants this locked up so no one can use it. They don't have Windows authentication via AD enabled on such boxes hence the need to fully simulate it. :blink: We'll likely work out a compromise.
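
An added example, not code posted by anyone in the thread: one way to fold Thudo's hash comparison into Yoriz's retry loop so that ESC, Cancel and a blank entry each count as a failed attempt, and so that the failure count survives a restart of the script. The `$sSav` and `$sState` parameters, the INI section and key names, and the `$MAX_ATTEMPTS` constant are assumptions.

```autoit
#include <Crypt.au3>

; Added example, not code from the thread. Assumed names: $sSav (the poster's
; $sav file: line 5 = user hash, line 6 = master hash, hex without "0x") and
; $sState (hypothetical INI file that keeps the failure count across restarts).
; MD5 is used only because the hashes stored in the thread's file are MD5.
Global Const $MAX_ATTEMPTS = 3

; Returns 1 = login correct, -1 = locked out (or credential file unreadable).
Func _PasswordCheck($sSav, $sState)
    Local $sUserHash = FileReadLine($sSav, 5)
    If @error Then Return -1 ; fail closed if the hash file cannot be read
    Local $sMasterHash = FileReadLine($sSav, 6)
    If @error Then Return -1

    Local $iFailed = Int(IniRead($sState, "login", "failed", "0"))
    While $iFailed < $MAX_ATTEMPTS
        ; "*" masks the typed text; Cancel/ESC returns "" and sets @error = 1.
        Local $sPassword = InputBox("Login", "Enter Password", "", "*", 320, 100)
        ; Cancel, ESC and a blank OK skip the check below and count as a failure.
        If @error = 0 And $sPassword <> "" Then
            ; String() turns the binary digest into "0x..." hex text.
            Local $sHash = String(_Crypt_HashData($sPassword, $CALG_MD5))
            If $sHash = "0x" & $sUserHash Or $sHash = "0x" & $sMasterHash Then
                IniWrite($sState, "login", "failed", 0)
                Return 1
            EndIf
        EndIf
        $iFailed += 1
        IniWrite($sState, "login", "failed", $iFailed) ; persist before prompting again
        If $iFailed < $MAX_ATTEMPTS Then
            MsgBox(16, "Access Denied", "Password Incorrect!" & @CR & _
                    "You have " & ($MAX_ATTEMPTS - $iFailed) & " tries left")
        EndIf
    WEnd
    MsgBox(16, "Access Denied", "Too many failed attempted logins have occurred !")
    Return -1
EndFunc   ;==>_PasswordCheck
```

Keep the state file where the logged-in user cannot write or delete it, otherwise the lockout can be cleared by hand. An administrator re-enables the account by resetting `failed` to 0.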