Jump to content
Sign in to follow this  
iamtheky

Non-Standard Authentication

Recommended Posts

iamtheky

I would like to see the creative minds' solutions to taking a traditional user input password, but authenticating it in a non-standard way.

My first couple of thoughts were for the user to be able to type in a different string for each authentication.  Of course there is plenty that would have to happen to roll the index and roll the keys, maybe set some characters to large numbers or negatives, and maybe blacklist inputs for a length of time after use, but i would rather see the raw, simplest of implementations without the hardening.   

1) letters are assigned values and the only thing that matters is the end value, not the characters entered.  

Example: 13 Z's or 1 -

$key = 338

$input = inputbox("key" , "Enter Key")
$aInput = stringsplit($input, "")

$value = 0

for $i = 1 to $aInput[0]
    If $aInput[$i] = "a" Then $value+=1
    If $aInput[$i] = "b" Then $value+=2
    If $aInput[$i] = "c" Then $value+=3
    If $aInput[$i] = "d" Then $value+=4
    If $aInput[$i] = "e" Then $value+=5
    If $aInput[$i] = "f" Then $value+=6
    If $aInput[$i] = "g" Then $value+=7
    If $aInput[$i] = "h" Then $value+=8
    If $aInput[$i] = "i" Then $value+=9
    If $aInput[$i] = "j" Then $value+=10
    If $aInput[$i] = "k" Then $value+=11
    If $aInput[$i] = "l" Then $value+=12
    If $aInput[$i] = "m" Then $value+=13
    If $aInput[$i] = "n" Then $value+=14
    If $aInput[$i] = "o" Then $value+=15
    If $aInput[$i] = "p" Then $value+=16
    If $aInput[$i] = "q" Then $value+=17
    If $aInput[$i] = "r" Then $value+=18
    If $aInput[$i] = "s" Then $value+=19
    If $aInput[$i] = "t" Then $value+=20
    If $aInput[$i] = "u" Then $value+=21
    If $aInput[$i] = "v" Then $value+=22
    If $aInput[$i] = "w" Then $value+=23
    If $aInput[$i] = "x" Then $value+=24
    If $aInput[$i] = "y" Then $value+=25
    If $aInput[$i] = "z" Then $value+=26
    If $aInput[$i] == "-" Then $value+=338
Next

    If number($value) = number($key) Then
        msgbox(0, '' , "Matched Value")
    Else
;~      msgbox(0, '' , $value & " does not match")
        msgbox(0, '' , "value does not match")
    Endif

exit

2) And my second thought is one that requires a two character difference, whether it be upper to lower, transposing two characters, or replacing two altogether.

Ex.

$key = "FatFingerPassword"

$input = inputbox("key" , "Enter Key")

$aInput = stringsplit($input, "")
$aKey = stringsplit($key, "")
$correct = 0

If $aInput[0] = $aKey[0] Then

for $i = 1 to $aInput[0]
    If $aInput[$i] == $aKey[$i] Then $correct+=1
Next

    If number($correct) = number($aKey[0] - 2) Then
        msgbox(0, '' , "2 character difference, success!")
    Else
        msgbox(0, '' , "Key does not match")
    Endif

Else
    msgbox(0, '' , "Incorrect Number of characters")

EndIf

exit
Edited by boththose

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites
guinness

PasswordValid in my signature. Or is this a challenge?


UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Share this post


Link to post
Share on other sites
spudw2k

I like the idea of your first example, but I think it could be improved by using prime number values instead.  That way you are better poised to prevent/limit collisions.  You should also limit how many chars can be entered.

Share this post


Link to post
Share on other sites
iamtheky

max string size is a must, or enough a's will get you in.  And it can certainly evolve into a challenge, I was more just interested in unique takes on authentication.


,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×