How to encrypt a file that stores password and user name locally?
-
wrote on 6 Nov 2017, 12:51 last edited by
I'm developing a PC application (i.e. GUI app). This file will be used by several users. Modifying settings is protected by a password but the admin is the only person who can modify the password. Files are stored in the PC. I need to allow the admin to modify the password. This password must be saved in the PC in a encrypted file. How can I achieve this? Saving the file in a binary mode can be converted to txt mode easily. Any suggestions? Currently, I'm using Window OS.
-
wrote on 6 Nov 2017, 13:31 last edited by
-
I'm developing a PC application (i.e. GUI app). This file will be used by several users. Modifying settings is protected by a password but the admin is the only person who can modify the password. Files are stored in the PC. I need to allow the admin to modify the password. This password must be saved in the PC in a encrypted file. How can I achieve this? Saving the file in a binary mode can be converted to txt mode easily. Any suggestions? Currently, I'm using Window OS.
@CroCo Instead of storing the password store its checksum. Such checksums (like MD5) work one way: you cannot get the password from its checksum. This is how operating systems store passwords. To validate the password which user enters you calculate its checksum and compare it with the stored checksum - if both are identical then the correct password was entered. So, no need to encrypt the file (where would you store the key safely?).
-
@CroCo Instead of storing the password store its checksum. Such checksums (like MD5) work one way: you cannot get the password from its checksum. This is how operating systems store passwords. To validate the password which user enters you calculate its checksum and compare it with the stored checksum - if both are identical then the correct password was entered. So, no need to encrypt the file (where would you store the key safely?).
-
@CroCo Instead of storing the password store its checksum. Such checksums (like MD5) work one way: you cannot get the password from its checksum. This is how operating systems store passwords. To validate the password which user enters you calculate its checksum and compare it with the stored checksum - if both are identical then the correct password was entered. So, no need to encrypt the file (where would you store the key safely?).
-
@jsulm do you know which checksum is the strongest? It seems MD5 is very weak. Online crackers did succeeded to crack stored passwords but they failed with Sha3_512. Any suggestions!
@CroCo I think SHA512 should be fine
1/7