Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

encrypted logins

Status
Not open for further replies.
eves

eves

Programmer
Jul 29, 2001
18
SG
Hi... I wish to put a log in screen in my project where the passwords are kept securely in a database(with the passwords encrypted already) and allow the user(after they log in) to change their password.

And apart from that is there any way that the login can detect if there is previous users that have already got their userID and passwords. how is this done?

And can the database entries be protected so that it can't be altered in any way or records cannot be deleted unless deleted by the user itself?

I've got lots of Questions in my mind and i'm really in need of this.

I've tried reading on materials regarding encryption but i just don't really understand the codes. I just need a simple source that allows the above to be done.

Thanks to all in advanced.
=)
 
Sort by date Sort by votes
hmm... is there anyone at all who knows how this can be done..?
 
Upvote 0 Downvote
Well,
I implemented something like this in my database:

I when a user logs in, it generates a random alpha sequence.
It is only at this point that the userid and passwords are checked (if not, it won't create the alpha sequence and won't let the user log in). the alpha sequence will act as a security code and will identify the user. Each user will have a different access code.
If the login is successfull, the security code is saved in the database in the user's record as well as stored in the program in a variable.
Then, in your program, when you wish validate the user, simply compare the security code with the one in the database. if they are the same, the user is authenticated.

I used this form of security on my webpages, which will prevent sniffers from getting the user's password via the links and cgi calls within the webpages.
Also, this way the password is only sent once between the user and the server, so that interception is kept at a minimum.
However, this might not be a viable solution for applications.

Take Care,
Mike

<a href=&quot; target=&quot;top&quot;><img border=0 src= Take Care,
Mike
 
Upvote 0 Downvote
Hmm... yeas that's practically wat i planned but the random alpha sequence generation is something i haven't thought of... hmm..do u have any example or any source u can provide that might be useful for me..? =) cuz i'm not really proficient with programming that kinda codes myself... hehe but i'm learning. i'm in quite a hurry fer it too...

Thanks lotz lotz..=)
 
Upvote 0 Downvote
function to generate random Security Code:

Pivate Function SecurityGen() As String
Dim nDigits As Integer 'length of sec. string
Dim cResult As String 'stores string
Dim nRandom As Integer 'random number
Dim nLower As Integer 'lowest number
Dim nUpper As Integer 'highest number
Dim i As Integer 'counter

nDigits = 8 'set length to 8 char
nLower = 48 'equiv. of 0
nUpper = 122 'equiv of z
For i = 0 to nDigits - 1
'next line checks to see if random number is either digit or alpha
nRandom = Int((nUpper - nLower + 1) * Rnd + nLower)
if (((nRandom >= 48) And (nRandom <= 57)) or ((nRandom >= 65) and (nRandom <= 90)) or ((nRandom >= 97) and (nRandom <= 122))) Then
cResult = cResult & chr(nRandom)
Else
i = i - 1 'redoes this element
End If
Next i
SecurityGen = cResult 'return result
End Function

Note that this function only works on systems using ASCII characters, as the ASCII value is determined by the random number generator.
Some adjusting of the numbers will be necessary to run this on systems using other character codes. Take Care,
Mike
 
Upvote 0 Downvote
Of course, if you really wanted to get carried away, you could always investigate the CryptoAPI...
 
Upvote 0 Downvote
hehe, StrongM definately has a point. I'm sure it will prove to be more usefull to you, if you have greater plans for the encryption dillio.
Take Care,
Mike
 
Upvote 0 Downvote
hahah
Cool.... Thanks lotz... This will really help me lots...=)

Thanks very muz..=)
 
Upvote 0 Downvote
Do a search for it on the web... you'll find something

the API is already in your system, you just need to find out how to call it. Take Care,
Mike
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iwells
  • Locked
  • Question
Read Encrypted Text File 1
Replies
4
Views
85
strongm
strongm
3wsparky
  • Locked
  • Question
Encrypted strokes
Replies
3
Views
24
3wsparky
3wsparky
FatEric
  • Locked
  • Question
reading windows login name and password (encrypted) 3
Replies
17
Views
120
FatEric
FatEric
j0em0mma
  • Locked
  • Question
Best way to store and retrieve encrypted password?
Replies
1
Views
22
j0em0mma
j0em0mma
Trishster00
  • Locked
  • Question
Send automated signed/encrypted email using VB 1
Replies
1
Views
21
strongm
strongm

Part and Inventory Search

Sponsor

Back
Top