is it possible for when the use enters a password that it can be encrypted and saved in an external file. and it is encrypted with a some sort of user generated recovery question? any feedback on the topic would be much appreciated.
Printable View
is it possible for when the use enters a password that it can be encrypted and saved in an external file. and it is encrypted with a some sort of user generated recovery question? any feedback on the topic would be much appreciated.
It's possible, but that's not how I'd do it. Typically passwords should not be stored; rather, a 1-way hash of the password should be stored. Then you can just hash any passwords entered later and compare the hashes.
Good point.
how do i do a 1-way hash?
You can use one from a cryptographic library, or implement a published one yourself (do not invent your own). You should also include a salt along with each password to frustrate dictionary attacks.Quote:
Originally Posted by twistedmike