Jump to content

Login Password Script


sak
 Share

Recommended Posts

hi! You're try. :) Your password = 'AutoIt'

If password ok. It's run Calculator program.

#NoTrayIcon

Opt("MustDeclareVars", 1)

LoginPassword()
Func LoginPassword()
    Local $VarWord, $RetWord, $Pass = 'AutoIt'
  While 1
       $RetWord = InputBox("Password Confirm", "Enter:Your Password", Default, "*", 200, 100, 370, 300)
    Select
       Case @error
      ExitLoop
       Case $RetWord = ''
      MsgBox(0, "", "Please push password in to the inputbox.")
       Case $RetWord <> $Pass
      MsgBox(48, "", "Password corret.")
       Case Else
      MsgBox(64, "", "Password ok.")
      Run("Calc.exe")
      ExitLoop
    EndSelect
  WEnd
EndFunc
Edited by sak
Link to comment
Share on other sites

This is a more Secure Login mechanism straight from the help file.

#include  <Crypt.au3>

; Example of hashing data and using it to authenticate password

; This is the MD5-hash of the correct password
$bPasswordHash="0xCE950A8D7D367B5CE038E636893B49DC"

$sPassword=InputBox("Login","Please type the correct password.","Yellow fruit that is popular among monkeys")

If _Crypt_HashData($sPassword,$CALG_MD5)=$bPasswordHash Then
    MsgBox(64,"Access Granted","Password correct!")
Else
    MsgBox(16,"Access Denied","You entered the wrong password!")
EndIf

Never embed a cleartext password in a script. At the very least encrypt it, but using a hash is the most secure.

Link to comment
Share on other sites

whats wrong with using something like

$pass = InputBox ("","input password","","*")
if $pass = "password" Then
MsgBox (1,"","correct")
Else
    Exit
EndIf

(hey, I am relatively new here, but I would love any suggestions! :))

BTW is it possible to create a "username - password" database which Autoit could read from, and others could create new "accounts"?

Link to comment
Share on other sites

whats wrong with using something like

$pass = InputBox ("","input password","","*")
if $pass = "password" Then
MsgBox (1,"","correct")
Else
    Exit
EndIf

AutoIt Scripts are not secure. Anyone smart enough to examine the source code will see your "password".

A Hash is calculated, so even if a smart guy gets the source with the hash value, it doesn't tell them what password was used to create it.

BTW is it possible to create a "username - password" database which Autoit could read from, and others could create new "accounts"?

Sure, you could use SQLLite or ADODB. There are several examples to working with DBs that can be found by searching. Edited by spudw2k
Link to comment
Share on other sites

hi! Invite you to experiment more. :) Your password = 'AutoIt'

If the correct password. 'll Run the calculator.

#NoTrayIcon

Opt("MustDeclareVars", 1)

LoginPassword()
Func LoginPassword()
    Local $VarWord, $RetWord, $Pass = 'AutoIt'
  While 1
       $RetWord = InputBox("Password Confirm", "Enter:Your Password", Default, "*", 200, 100, 370, 300)
    Select
       Case @error
      ExitLoop
       Case $RetWord = ''
      MsgBox(0, "", "Please enter your password in the box.")
       Case $RetWord <> $Pass
      MsgBox(48, "", "The password is incorrect .. Try.")
       Case Else
      MsgBox(64, "", "The correct password.")
      Run("Calc.exe")
      ExitLoop
    EndSelect
  WEnd
EndFunc

Link to comment
Share on other sites

  • 3 months later...

This is a more Secure Login mechanism straight from the help file.

#include  <Crypt.au3>

; Example of hashing data and using it to authenticate password

; This is the MD5-hash of the correct password
$bPasswordHash="0xCE950A8D7D367B5CE038E636893B49DC"

$sPassword=InputBox("Login","Please type the correct password.","Yellow fruit that is popular among monkeys")

If _Crypt_HashData($sPassword,$CALG_MD5)=$bPasswordHash Then
    MsgBox(64,"Access Granted","Password correct!")
Else
    MsgBox(16,"Access Denied","You entered the wrong password!")
EndIf

Never embed a cleartext password in a script. At the very least encrypt it, but using a hash is the most secure.

you're saying to save the hash right above it?

you know they can use your next few lines using _Crypt_HashData with a param used $CALG_MD5. they know what you used to get that hash.

Link to comment
Share on other sites

you're saying to save the hash right above it?

you know they can use your next few lines using _Crypt_HashData with a param used $CALG_MD5. they know what you used to get that hash.

In this particular example yes, but I wouldn't recommend leaving the correct password as the default for the inputbox. :)

edit: in fact, you wouldn't want any default...right?

You don't even have to store the hash in the script if you don't want too.

All depends on the end goal I 'spose. This was just a lesson in storing secure passwords.

Edited by spudw2k
Link to comment
Share on other sites

In this particular example yes, but I wouldn't recommend leaving the correct password as the default for the inputbox. :)

edit: in fact, you wouldn't want any default...right?

You don't even have to store the hash in the script if you don't want too.

All depends on the end goal I 'spose. This was just a lesson in storing secure passwords.

Aren't compiled scripts (.exe) relatively safe?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...