void DlgVerifyPassword::OnOK()
{
// TODO: Add extra validation here
bool canExit = true;
UpdateData(TRUE);
CString password = iniInfo.GetResponseBasePath();
File f(ToString(password));
f.AppendToPath("password.dat");
VRPasswordRecord pr;
pr.Read(f);

CString userPassword = GetPassword();

if(! pr.IsValid(userPassword)){
AfxMessageBox(IDS_PASSWORD_NOT_VALID, MB_OK|MB_ICONSTOP);
canExit= false;
}

if(canExit)
CDialog::OnOK();
}

bool VRPasswordRecord::Read(File &f)
{
bool succes= false;
if( f.Open( O_RDONLY))
succes= f.Read( buf, sizeof buf);
return succes;
}

bool VRPasswordRecord::IsValid(const CString &pass)
{
bool isValid= true;
for( int i= 0; isValid && i < pass.GetLength(); i++) {

isValid= (pass[ i] ^ encriptionKey[ i]) == buf[ i];
}
return isValid;
}

THis works partially. If my password is "caroline" it will give me that error if I type anything other than "caroline". "Caroline" won't work either but if I type just "c" it goes through. Can someone explain why?

I realize that I'm not checking to see if they are the same lenght I'm not sure if I understand how.

Thank you in advance

You should (as you suggest) compare password and entry for length. Assuming the original password is in a null terminated character buffer:

bool VRPasswordRecord::IsValid(const CString &pass)
{
int passLen = pass.GetLength();
if (passLen != strlen(buf))
return false;

bool isValid = true;
for( int i= 0; isValid && i < passLen; i++) {
isValid= (pass[ i] ^ encriptionKey[ i]) == buf[ i];
}
return isValid;
}

Dave

Within the for loop you should also be breaking whenever IsValid is assigned a false value. Presently, the return of isValid is only the reult of the final character comparison as opposed to detecting an incorrect character and returning immediately.