Thread: Password help

Hi every one. I have only been programming for a few months now , and I am already stuck.

I have currently been trying to develop a new security program for websites , but have come across a few minor difficulties - when the user types the password , any one can see it. I need a way of replacing any characters with *.

Here is the code so far :

Code:

#include <iostream>
#include <cstring>

using namespace std;

int main()

{
    
    char userid[501];
    char password[501];
    
    cout<<"Security program initiated.\n\n\n\n";
    cout<<"Enter your user ID : ";
    cin.getline (userid , 501 );
    
    cout<<"\nEnter your password : ";
    cin.getline (password , 501 );
    
    while (strcmp (userid, "41149512")== 1||strcmp ( password, "solaris" ) == 1 ) {
        cout<<"\n\n\nInvalid user ID or password. Please try again.\n\n\n";
        cout<<"Enter your user ID : ";
        cin.getline (userid , 501 );
        
        cout<<"\nEnter your password : ";
        cin.getline (password , 501 );
    };
    
    if (strcmp ( userid, "41149512" ) == 0&&strcmp ( password, "solaris" ) == 0 ){
        cout<<"\n\n\nVerifying user ...\n\nUser identified.\nWelcome back.\n\n\n<< Press Enter to continue >>";
    };
    
    cin.get();
    return 0;
}

Also , it comes up with lots of errors on line 54 , but there are only 35 lines in the program according to the compiler.

This is really confusing me. I think it may be a header file , but I'm not sure. Please help !

> any one can see it. I need a way of replacing any characters with *.
Then you need to say which OS and compiler you're using.

> Also , it comes up with lots of errors on line 54
Post those errors then - we all have different compilers.

> while (strcmp (userid, "41149512")== 1||strcmp ( password, "solaris" ) == 1 )
Check the return result of strcmp in the manual.
== 1 is not what you want
!= 0 probably is.

Compiler : Dev C++
Errors :

54 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\bits\stl_algobase.h:67, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\memory In file included from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/bits/stl_algobase.h:67, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/memory

48 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\memory:54, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\string from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/memory:54, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/string

47 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\string:48, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\bits\locale_classes.h from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/string:48, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/bits/locale_classes.h

47 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\bits\locale_classes.h:47, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\bits\ios_base.h from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/bits/locale_classes.h:47, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/bits/ios_base.h

49 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\bits\ios_base.h:47, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\ios from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/bits/ios_base.h:47, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/ios

45 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\ios:49, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\ostream from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/ios:49, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/ostream

45 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\ostream:45, from C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\iostream from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/ostream:45, from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/iostream

1 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\iostream:45, from Templates\danpassword.cpp from C:/PROGRAM FILES/DEV-CPP/include/c++/3.3.1/iostream:45, from Templates/danpassword.cpp

1 C:\Program Files\Dev-Cpp\Templates\danpassword.cpp from Templates/danpassword.cpp

108 C:\PROGRAM FILES\DEV-CPP\include\c++\3.3.1\cstdlib `rand' not declared


Changed == 1 to != 0 : Does not work.

Thanks for the help anyway.

Works for me

Code:

#include <iostream>
#include <cstring>

using namespace std;

int main()

{
    
    char userid[501];
    char password[501];
    
    cout<<"Security program initiated.\n\n\n\n";
    cout<<"Enter your user ID : ";
    cin.getline (userid , 501 );
    
    cout<<"\nEnter your password : ";
    cin.getline (password , 501 );
    
    while (strcmp (userid, "41149512") != 0 || strcmp ( password, "solaris" ) != 0 ) {
        cout<<"\n\n\nInvalid user ID or password. Please try again.\n\n\n";
        cout<<"Enter your user ID : ";
        cin.getline (userid , 501 );
        
        cout<<"\nEnter your password : ";
        cin.getline (password , 501 );
    };
    
    if (strcmp ( userid, "41149512" ) == 0 && strcmp ( password, "solaris" ) == 0 ) {
        cout<<"\n\n\nVerifying user ...\n\nUser identified.\n"
              "Welcome back.\n\n\n<< Press Enter to continue >>";
    };
    
    cin.get();
    return 0;
}

> 1 C:\Program Files\Dev-Cpp\Templates\danpassword.cpp from Templates/danpassword.cpp
Does this mean your source code is in the same directory structure as the compiler?

This is a really bad idea - create a whole new directory (say c:\coding) where you can put all your own code.

That ... works for you ... Really ???
No errors ??? Oh well , I'll figure somthin' out.


So anyway , is there any way to change the input to * ? I really need to put these on to the program , because when I go on web site , very often at school , people will see the password.

I was trying to make one of those little login window aps , but they seem really complicated , especially for the likes of me.

Any help will be greatly appriciated.
Thanks

2 things:

1.)

Code:

if(strcmp(password, "solaris") !=0)

if you say !=0 that's like saying while it isn't true right?
i thought 0 was true and 1 was false.


2.) Secondly when you get your program up and running you should try an encryption scheme on the password and save the encrypted password in a file. Anyone with a decompiler or hex editor can figure out the password if it is hardcoded into the program. I would suggest Hashing it and then just comparing hash values it is very secure(the chances of two hash values being the same is 1 : (2 to the 256th power); that's what most websites use) MD5 or SHA are good (google it you'll get tons of crap)

Good Luck!

A hash cannot be decrypted. You can find data whose hash is the same as the hash you have, but you can never be sure which one is the right one (and there are infinite solutions).

Which version of Dev-C++ do you have?

Dev-C++ 5 Beta 9 (4.9.9.1) should be the one

As far as encryption goes.. there will always be one big downside... no matter how much you scramble, hash, hide, maniuplate, map, ,mask, rotate, xor, bit shift etc.. there will always be a way to decrypt all the work you've done to hide your password. (yes, some schemes are wicked harder than others, but even the most technical encryption scheme has to be decrypted)

Just letting you know...Your right. The only problem is with algoriths like DES, Triple-DES, GOST and other highly advanced algorithms would take a very long time to decrypt. Even though these schemes are even based around the XOR function they add unpredictable elements to the mix. The only way to decrypt these would be through a brute force attack...

By the way it would take a $10 Trillion Dollar Super-Computer about 1,000,000,000,000 (10^11) years to decipher a 128-Bit key using brute force (which is the only way to break these ciphers). So your right if you think that someone is going to spend $10 T dollars and waste 100..... years of their time doing this.

Just remember the longer your key is the safer your message is (a 40 bit key can be solved in .02 microseconds using the same computer)!