How to verify accounts (logins)?
-
I have two field. in the first one the user writes his own data (user or password) and in the second one he writes his password. How verify these login data?
-
That depends on how you want to authenticate the user. Is this a application specific login dialog, some database, the OS, a service on the network, etc.?
-
Well, there is some ways to do it. You can check the fields against a data base.
-
if you have any database or data files , you can authenticate the user very easy.
For Example :
use can use sqlite db with hash password.
-
[quote author="abbas farahmand" date="1342495126"]
use can use sqlite db with hash password.[/quote]With salted hashed password.
http://en.wikipedia.org/wiki/Cryptographic_saltFurther, don't use a fast hash function like MD5 or SHA. Use a scheme that you can make slower as computing power grows, without breaking your code. See for example
http://en.wikipedia.org/wiki/BcryptIf the authentication happens over the network, use a nonce (and SSL).
http://en.wikipedia.org/wiki/Cryptographic_nonceIf you think this is too much work, don't write the program. Don't implement your security/authentication layer as dilettantish as sony, last.fm, eHarmony, linkedin etc. did – You've read in the news what happens.
