Sign in to follow this  
Followers 0
sak

Login Password Script

11 posts in this topic

#1 ·  Posted (edited)

hi! You're try. :) Your password = 'AutoIt'

If password ok. It's run Calculator program.

#NoTrayIcon

Opt("MustDeclareVars", 1)

LoginPassword()
Func LoginPassword()
    Local $VarWord, $RetWord, $Pass = 'AutoIt'
  While 1
       $RetWord = InputBox("Password Confirm", "Enter:Your Password", Default, "*", 200, 100, 370, 300)
    Select
       Case @error
      ExitLoop
       Case $RetWord = ''
      MsgBox(0, "", "Please push password in to the inputbox.")
       Case $RetWord <> $Pass
      MsgBox(48, "", "Password corret.")
       Case Else
      MsgBox(64, "", "Password ok.")
      Run("Calc.exe")
      ExitLoop
    EndSelect
  WEnd
EndFunc
Edited by sak

Share this post


Link to post
Share on other sites



This is a more Secure Login mechanism straight from the help file.

#include  <Crypt.au3>

; Example of hashing data and using it to authenticate password

; This is the MD5-hash of the correct password
$bPasswordHash="0xCE950A8D7D367B5CE038E636893B49DC"

$sPassword=InputBox("Login","Please type the correct password.","Yellow fruit that is popular among monkeys")

If _Crypt_HashData($sPassword,$CALG_MD5)=$bPasswordHash Then
    MsgBox(64,"Access Granted","Password correct!")
Else
    MsgBox(16,"Access Denied","You entered the wrong password!")
EndIf

Never embed a cleartext password in a script. At the very least encrypt it, but using a hash is the most secure.

Share this post


Link to post
Share on other sites

whats wrong with using something like

$pass = InputBox ("","input password","","*")
if $pass = "password" Then
MsgBox (1,"","correct")
Else
    Exit
EndIf

(hey, I am relatively new here, but I would love any suggestions! :))

BTW is it possible to create a "username - password" database which Autoit could read from, and others could create new "accounts"?

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

whats wrong with using something like

$pass = InputBox ("","input password","","*")
if $pass = "password" Then
MsgBox (1,"","correct")
Else
    Exit
EndIf

AutoIt Scripts are not secure. Anyone smart enough to examine the source code will see your "password".

A Hash is calculated, so even if a smart guy gets the source with the hash value, it doesn't tell them what password was used to create it.

BTW is it possible to create a "username - password" database which Autoit could read from, and others could create new "accounts"?

Sure, you could use SQLLite or ADODB. There are several examples to working with DBs that can be found by searching. Edited by spudw2k

Share this post


Link to post
Share on other sites

aaaahhhh... I understand now...

Thanks, apparently I have much to learn :)

Share this post


Link to post
Share on other sites

hi! Invite you to experiment more. :) Your password = 'AutoIt'

If the correct password. 'll Run the calculator.

#NoTrayIcon

Opt("MustDeclareVars", 1)

LoginPassword()
Func LoginPassword()
    Local $VarWord, $RetWord, $Pass = 'AutoIt'
  While 1
       $RetWord = InputBox("Password Confirm", "Enter:Your Password", Default, "*", 200, 100, 370, 300)
    Select
       Case @error
      ExitLoop
       Case $RetWord = ''
      MsgBox(0, "", "Please enter your password in the box.")
       Case $RetWord <> $Pass
      MsgBox(48, "", "The password is incorrect .. Try.")
       Case Else
      MsgBox(64, "", "The correct password.")
      Run("Calc.exe")
      ExitLoop
    EndSelect
  WEnd
EndFunc

Share this post


Link to post
Share on other sites

If I posted the message and not be meaningful to apologize for mistakes.

Because not know English. :)

Share this post


Link to post
Share on other sites

This is a more Secure Login mechanism straight from the help file.

#include  <Crypt.au3>

; Example of hashing data and using it to authenticate password

; This is the MD5-hash of the correct password
$bPasswordHash="0xCE950A8D7D367B5CE038E636893B49DC"

$sPassword=InputBox("Login","Please type the correct password.","Yellow fruit that is popular among monkeys")

If _Crypt_HashData($sPassword,$CALG_MD5)=$bPasswordHash Then
    MsgBox(64,"Access Granted","Password correct!")
Else
    MsgBox(16,"Access Denied","You entered the wrong password!")
EndIf

Never embed a cleartext password in a script. At the very least encrypt it, but using a hash is the most secure.

you're saying to save the hash right above it?

you know they can use your next few lines using _Crypt_HashData with a param used $CALG_MD5. they know what you used to get that hash.

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

you're saying to save the hash right above it?

you know they can use your next few lines using _Crypt_HashData with a param used $CALG_MD5. they know what you used to get that hash.

In this particular example yes, but I wouldn't recommend leaving the correct password as the default for the inputbox. :)

edit: in fact, you wouldn't want any default...right?

You don't even have to store the hash in the script if you don't want too.

All depends on the end goal I 'spose. This was just a lesson in storing secure passwords.

Edited by spudw2k

Share this post


Link to post
Share on other sites

In this particular example yes, but I wouldn't recommend leaving the correct password as the default for the inputbox. :)

edit: in fact, you wouldn't want any default...right?

You don't even have to store the hash in the script if you don't want too.

All depends on the end goal I 'spose. This was just a lesson in storing secure passwords.

Aren't compiled scripts (.exe) relatively safe?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0