Input Box Help

[swstrau118]

Hello I am wondering, is it possible to have an Input box pop up where you can type your password in and then have it save it in "Memory" until computer is restarted? So you will only need to type in the password once and it will remember it. I don't want to store the password in the Autoit exe because someone can grab it, so looking for some help. Here is what I have so far

#include <IE.au3>

$oIE = _IECreate ("website")
$oForm = _IEFormGetObjByName ($oIE, "MAIN")
$oQuery1 = _IEFormElementGetObjByName ($oForm, "SITE")
$oQuery2 = _IEFormElementGetObjByName ($oForm, "LOGON_ID")
$oQuery3 = _IEFormElementGetObjByName ($oForm, "PASSWORD")
$sin="1001"
$uname=@UserName
$pwd = InputBox("Security Check", "Enter your password.", "", "*")
_IEFormElementSetValue ($oQuery1,$sin)
_IEFormElementSetValue ($oQuery2,$uname)
_IEFormElementSetValue ($oQuery3,$pwd)
$oButton=_IEGetObjById($oIE,"ENTER")
_IEAction ($oButton, "click")
_IELoadWait($oIE,0)

[jaberwacky]

You could store it encrypted in a file?  Sorry, layman here.

[FireFox]

Hi,

Take a look at the _Crypt*, File* functions in the helpfile.

Br, FireFox.

[swstrau118]

I am not sure how the _Cyrpt actually works - I don't understand how you can encrypt the password and send it not encrypted.. Could you help me understand this? That would be a great help

[FireFox]

There are the helpfile examples, I can't help you more than them.

Br, FireFox.

Edited August 6, 2013 by FireFox

[JLogan3o13]

I have, at times, used registry - just convert to binary and bury it somewhere so you're not including additional files. As with all things, a determined enough person is going to find it either way.

$pw = "MyPassword"
$hash = Binary($pw)
RegWrite("HKCU\Software\MyAutoItApp", "hex", "REG_BINARY", $hash)

[jaberwacky]

Let's combine the best of both worlds.  Use *_crypt on the password and then store it in the registry.  Protip: AutoIt may not be the best if the application must be totally secure.  I imagine that after someone types in the password but before it gets encrypted a malicious hacker can retrieve the password and then have access to your porn or your Carpenter's album collection.

[swstrau118]

I don't need it to be completely secure, just so that if someone looks at the source code they won't see the password in Plain text. How can you store the password in the registry? Am i correct that the _Crypt allows you to type in a password which will encrypt it and then you can store that in the registry without having the password in plain text in your source code? If so when you want to send your password to say log into your gmail - how could it decrypt your password?

Thanks for all your help - this one has got me stumped

[jaberwacky]

gmail won't decrypt, you'll need to do that before it's sent.

[swstrau118]

Is there a way you can decrypt the password without showing the password in your source code? I wonder if there is a way to have an inputbox where you can type in the password and it would be put into an array (non encrypted) and as long as the script is running you can send the password. Once you close the script and re-run it you'll have to type it in again once.. and it will store the password so everytime you execute the script it would send the password that is stored in memory. Do you think this is possible?

[jaberwacky]

The plain text password does not have to be stored in the script.  The only time it has to be plaintext is shortly before it's encrypted and shortly after it's decrypted.