database and form security

Question

quintoncoert 131 Posting Whiz in Training

17 Years Ago

i have a form which i have to protect with a password. this form is called from a user form which does not have any passwords on it. which means anyone can access it. in order to accomplish the security i placed a password in an access database but the database itself cannot be password protected since the no-password calling form has to access this database. based on that there is a potential security issue since a person can just open the database and alter the password and then access the form which is supposed to be secure. but i cannot think up a better solution. does anyone have a suggestion?

i thought about encrypting the password before writing it to the database in such a form that if someone wants to change the password in the dbs he would have to first know and apply the encryption but i have little idea of how to do an encryption.

c++

2 Contributors
4 Replies
91 Views
4 Days Discussion Span
Latest Post 17 Years Ago Latest Post by quintoncoert

Narue 5,707 Bad Cop

17 Years Ago

>but i have little idea of how to do an encryption.
So this is your opportunity to learn. Storing a plain-text password anywhere is a really bad idea, so if you want to make claims about security, you need to encrypt it.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

quintoncoert 131 Posting Whiz in Training · Answer 1 · 2007-06-15T19:28:52+00:00

So this is your opportunity to learn.

i shall learn later. but i did do some sort of encryption. as a child i read puzzle as well as a few spy books so at least i knew secret codes. i applied a few and for now i believe that it was sufficient.

Narue 5,707 Bad Cop Team Colleague · Answer 2 · 2007-06-15T19:37:54+00:00

>as a child i read puzzle as well as a few spy books so at least i knew secret codes.
Hmm.

>i applied a few and for now i believe that it was sufficient.
Yea, I hope you don't mind that I won't hire you to add security to my software. ;)

quintoncoert 131 Posting Whiz in Training · Answer 3 · 2007-06-18T14:57:06+00:00

>i applied a few and for now i believe that it was sufficient.
Yea, I hope you don't mind that I won't hire you to add security to my software. :P

Sa! How easily a sentence shear a septum!

Just kidding! I know... The security is lousy. But all it does is protect a simple configuration file which remembers how some hardware devices connect to one another. If it had been up to me there would have been no password at all but my boss insists. Besides this is a demo only.(which demonstrates the behaviour of the hardware not the security!)