ibbm


is there some kind of algorithm in fox that can store and encrypted password so that if anyone got a hold of the data they couldn't read the password.

Thanks in Advance




Re: how to store encrypted passwords ..

fvp4ever


No, as far as I know.
My suggestion is to encrypt your passwords or other important data via windows crypt api and save them into a dbf or anykind of file you like. that's what I'm doing

there are samples and classes to simplify crypt api access installed with vfp





Re: how to store encrypted passwords ..

Aleniko

You can also write some form of simple encryption within VFP. Not anything serious, but if you simply don't want the password to be saved in clear text, you can do something like rot-13 or some other process to mess up the password and unmess it when reading it.






Re: how to store encrypted passwords ..

ibbm

what is rot 13



Re: how to store encrypted passwords ..

Aleniko

http://en.wikipedia.org/wiki/ROT13

Alen.




Re: how to store encrypted passwords ..

Naomi Nosonovsky

You may want to check

http://www.sweetpotatosoftware.com/SPSBlog/PermaLink,guid,b1281831-9655-47f6-9366-be849b9f4598.aspx by Craig Boyd.

VFP implementation of the Cipher encryption

http://www.berezniker.com/display/VFP/VFP+implementation+of+the+Cipher+encryption

by Sergey Berezniker.

I haven't tried them myself.





Re: how to store encrypted passwords ..

Alex Feldstein

I would suggest you encrypt with strong encryption such as the one offered by Craig Boyd's DLL indicated by Naomi.

The Win CryptoAPI fine but it has some issues when moving from OS (different versions) and it has been deprecated by MS. If you want to learn how to use it you can read this article: http://www.feldstein.net/CodeCryptoArticle.htm

ROT-13 is not encryption. It is so easy to break a child can do it. Do not confuse scrambling of characters with encryption.

Another way to deal with passwords when you do not need to decipher them is to use a cyrptographic hash such as MD5. This way the password caqnnot be reversed (it's one-way encryyption). You save the hash and when the user comes in you hash their password and compare with the one in storage.

EBG-13 vf ab tbbq ng uvqvat.





Re: how to store encrypted passwords ..

Aleniko

Alex;

Please allow me to disagree. ANY process which takes a readable form of information and makes it unreadable, is a form of encryption. Simple ones like ROT-13 are known as substitution ciphers. http://en.wikipedia.org/wiki/Substitution_cipher

Although I agree that rot-13 is extremely easy to break, other simple substitution cyphers may be used easily within vfp to store passwords. I would argue that in most cases where passwords are used in a VFP application, simple encryption would suffice.

Thanks;

Alen.






Re: how to store encrypted passwords ..

Alex Feldstein

OK. It's semantics. ROT13 is a form of Caesar cypher. I meant to say it is not Cryptography altough you may justly call it a form of encryption.



Re: how to store encrypted passwords ..

Mark OSVATH

Yes, you can encrypt data using a digital certificate and CAPICOM. First generate a certificate for you or if you have one import it. It is generally a file with .pfx extension. The sample below encrypts a text: "Clear text to be encrypted". Store the content of sScripto in a memo field.

You can decrypt the string only if you have the digital certificate installed for the current user.

#include capicom.h

oStore=createobject("CAPICOM.Store")

oEnvelope=createobject("CAPICOM.EnvelopedData")

oStore.Open(CAPICOM_CURRENT_USER_STORE,"My",CAPICOM_STORE_OPEN_READ_ONLY)

oEnvelope.Algorithm.Name=CAPICOM_ENCRYPTION_ALGORITHM_DES

FOR each oCert in oStore.Certificates

oEnvelope.Recipients.Add(oCert)

next

oEnvelope.Content="Clear text to be encrypted"

sCripto=oEnvelope.Encrypt

sCripto

EnvelopedData = CreateObject("CAPICOM.EnvelopedData")

EnvelopedData.Decrypt(sCripto)

"Decrypted data: " + EnvelopedData.Content