Thread: Securing data?

  1. 07-24-2009 #1
    canpakes
    canpakes is offline
    Registered User
    Join Date
    Jul 2009
    Posts
    1

    Securing data?

    Okay, so I'm fairly new to c++ programming. For practice, I wanted to create a program to store my data (like passwords and such) but I'm not sure how to go about making that data secure..

    Obviously the program itself will prompt the user for a password at the start. If I store the data in a text file, then someone could easily just open it and read it. If I store the information in variables, how will I add new information while the program runs, rather than editing the source code?

    I'm just gonna go out on a limb here and assume this is a very dumb question so thanks in advance for your patience
  2. 07-24-2009 #2
    bithub
    bithub is offline
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,268
    Well security is a pretty advanced topic, but there are some things you can do to get some light, simple security.

    For instance, instead of storing a password in a file, store a hash of the password in the file. Then when the user enters in a password, your application will hash that password, then check to see if the hash matches the one stored in the file. This way a user cannot just open the file to read the password.

    The problem with that is that a dedicated abuser could read your hash from the file, then generate a password that matches the same hash.
  3. 07-24-2009 #3
    Cactus_Hugger
    Cactus_Hugger is offline
    int x = *((int *) NULL); Cactus_Hugger's Avatar
    Join Date
    Jul 2003
    Location
    Banks of the River Styx
    Posts
    902
    Quote Originally Posted by bithub View Post
    Well security is a pretty advanced topic, but there are some things you can do to get some light, simple security.

    For instance, instead of storing a password in a file, store a hash of the password in the file. Then when the user enters in a password, your application will hash that password, then check to see if the hash matches the one stored in the file. This way a user cannot just open the file to read the password.

    The problem with that is that a dedicated abuser could read your hash from the file, then generate a password that matches the same hash.
    I read the OP's post as he was making a program to store passwords of other programs. Since you generally aren't in control of the behavior of the other programs, hashing the passwords makes them useless. (Since you can't enter the hash...)

    If this is the case, you would just store the passwords, and encrypt the file containing them. The encryption key is the 'master' password, or some derivative thereof.
    long time; /* know C? */
    Unprecedented performance: Nothing ever ran this slow before.
    Any sufficiently advanced bug is indistinguishable from a feature.
    Real Programmers confuse Halloween and Christmas, because dec 25 == oct 31.
    The best way to accelerate an IBM is at 9.8 m/s/s.
    recursion (re - cur' - zhun) n. 1. (see recursion)
« Previous Thread | Next Thread »
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. xor linked list
    By adramalech in forum C Programming
    Replies: 23
    Last Post: 10-14-2008, 10:13 AM
  2. Bitmasking Problem
    By mike_g in forum C++ Programming
    Replies: 13
    Last Post: 11-08-2007, 12:24 AM
  3. brace-enclosed error
    By jdc18 in forum C++ Programming
    Replies: 53
    Last Post: 05-03-2007, 05:49 PM
  4. Program Crashing
    By Pressure in forum C Programming
    Replies: 3
    Last Post: 04-18-2005, 10:28 PM
  5. Ask about how to use startdoc(), startpage() to print data on paper imediately.
    By ooosawaddee3 in forum C++ Programming
    Replies: 1
    Last Post: 07-31-2002, 11:35 AM