Autosave and password protection help?
-
Hello all,
I have a classroom cash program I have been writing for a while. It works really well, but there is one thing I have yet to fix: I need to have the password file set up, and I need to have an autosave file set up.
My current password file writes to a text document and encrypts the file with Md5. But, the file can be deleted. If the file is not detected, the software asks the user to make one. This is obviously a HUGE security problem.
As for the autosave file, it can be deleted as well.
So... any advice? Any QFile tips for me? Directory suggestions? Any help is much appreciated! Thank you in advance,
-Hunter A.
-
Hi!
Well you cant fully protect files(or registry records) from deleting. If user have direct access to the file, he will find way to delete it. As option you can deny running program if file not exist, and only some privileged user can restore access. But this is not fully secure and obviously not convenient. Another option is create disguised copy of last settings file in dept of your programs files and restore it if file where deleted. -
What is a classroom cash program doing? Just curious...
Sorry, I have to go into nit-picking mode here, please bear with me.
MD5 is a hash algorithmn, it takes input and turns it into a fixed length string of bits. You can not take this string and regenerate the input string from it. With encryption you need to be able to regenerate the input from the key and the output.
How do you store the password? Do you do proper salting and several thousand rounds of hashing? MD5 is really weak!
Finally there is no way you can make this secure without running the business logic of your application (basically everything but the UI) as a separate user, with the OS making sure only that user can modify the files used for the authentication as well as all the data files. As long as the data files are accessible to the user they can just edit those directly, going around the authentication process completely.
-
PS: deletion is not your only problem: If a user is able to change the file, then he can authenticate as any user by changing the passwords in the file.