How to store data secure?

[clifox]

Hello Everyone,

I need your advice on which method is the best to securely save user data for my program!

Thanks.

[Generator]

Hello Everyone,

I need your advice on which method is the best to securely save user data for my program!

Thanks.

StringReplace() and StringSplit should work.

[smstroble]

Prompt the user for a password, then use that to encrypt the data using one, or more, of the many encryption functions (search around the example scripts, there are lots). Thats my vote.

[clifox]

I mean to store data in file, perhaps encrypted so that it could not be eye read.

[Generator]

I mean to store data in file, perhaps encrypted so that it could not be eye read.

If you really want to encrypt, shift all the data up one level, that's what my friend did though(don't know the detail), best is search around forum and look for some very good examples.

[clifox]

Prompt the user for a password, then use that to encrypt the data using one, or more, of the many encryption functions (search around the example scripts, there are lots). Thats my vote.

That's a good idea, but here comes another question: where to save the user password?

[smstroble]

In the users memory? lol. I would expect the user to remember the pass otherwise i dont think these is a secure way to go about it, you would have to store the password some where and that could easily be hacked out. Even encrypting the pass would not work as the pass to the password encryption would be easily gotten.

Edited June 1, 2007 by smstroble

[clifox]

In the users memory? lol. I would expect the user to remember the pass otherwise i dont think these is a secure way to go about it, you would have to store the password some where and that could easily be hacked out. Even encrypting the pass would not work as the pass to the password encryption would be easily gotten.

Where or how to save the MD5 hash to minimize the posibility to be deleted?

[smstroble]

Umm, well in the script directory, windows folder (though i personally dont like it when programs leave files in my windows folder), user directory, or if you want to be really sneaky inside the compiled script itself (sort of..) using Alternate Data Streams (NTFS only), for example saveing to myscript.exe:hash.txt would store hash.txt inside of myscript.exe (this will not protect it from hackers, etc. but it is sneaky ).

[clifox]

Umm, well in the script directory, windows folder (though i personally dont like it when programs leave files in my windows folder), user directory, or if you want to be really sneaky inside the compiled script itself (sort of..) using Alternate Data Streams (NTFS only), for example saveing to myscript.exe:hash.txt would store hash.txt inside of myscript.exe (this will not protect it from hackers, etc. but it is sneaky ).

But what if the user wants to change the password?

[smstroble]

They would have to know the old password but, you could prompt for the password, prompt for a new password, decrypt with old pass, then encrypt with new pass.

[PsaltyDS]

Hello Everyone,

I need your advice on which method is the best to securely save user data for my program!

Thanks.

Look in the help file at the StringEncrypt() function. You can encrypt with a password, and it will only be decrypted with the same password. If the user will be changing the password, then your script needs to read the old data with the old password, then re-encrypt to save it with the new password.