Sign in to follow this  
Followers 0
tip

How to secure used passwords in autoit script?

11 posts in this topic

Hi to all,

I'm sure this has been asked several times but honestly I couldn't find a satisfying answer to it...

I'm coding a software which at some point uses AES algorithm to encrypt and decrypt things...

My question is the following: How can ensure my aes password stays safe? What is the best way?

Thanks in advance

Tip


[center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center]

Share this post


Link to post
Share on other sites



Encrypt the password using another method

Share this post


Link to post
Share on other sites

If someone can reach the password embeded in my exe he can also reach that other password you suggested ^_^...


[center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center]

Share this post


Link to post
Share on other sites

I know I've read about it ^_^...

I was asking if there is a reliable method for doing what I need...

For ex if I compile a special dll and then call it without passing any password to it -password is embeded in dll- will it be safe???

Tip


[center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center]

Share this post


Link to post
Share on other sites

I know I've read about it ^_^...

I was asking if there is a reliable method for doing what I need...

For ex if I compile a special dll and then call it without passing any password to it -password is embeded in dll- will it be safe???

Tip

Think about that question... where would you be calling the dll from? So... If they're in your script... I'm pretty sure they'll see they need no params and have the ability to get the pw quite easily.

[center]Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.[/center]

Share this post


Link to post
Share on other sites

I'm aware that it wasn't a considerable idea I'm just trying to expend our vision and -maybe- to explain my needs better...

Thanks

Tip


[center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center]

Share this post


Link to post
Share on other sites

Put the password on a server , encript it , allow access only with the compiled executable to the data.

Share this post


Link to post
Share on other sites

#10 ·  Posted

Using a method that isn't posted here is probably your most secure option. Go for confusion and uniqueness like I did :) It will take someone a good deal of time to figure out what the hell I've done and I hope that is enough to make it not worth the effort. This might sound crazy but no exe is safe from what I understand so I just made up my own crazy routine.


www.abox.orgAvery HowellVisit My AutoIt Websitehttp://www.abox.org

Share this post


Link to post
Share on other sites

#11 ·  Posted

.... if a hacker is dedicated enough then he\she WILL GET IT!! no matter what you do... :) but what are the chances of a serious hacker looking through your stuff?

string encrypt a hex value of an ascii value of the Chr's?

im not sure what to do in this area.. but im sure the Dev's or Mod's will be able to help

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0