On 12 Feb 2006 16:33:52 -0800, "Vysakh P Pillai"
<vy**********@gmail.com> wrote:
Usually when we make password protected programes,we store the password
encrypted in a file.But this doesnot provide enough security and
portability.
Is there any way to store the password as a part of the .exe itself in
such a way that if a password change take place at runtime it gets
changed permenantly as if it was stored in an external file.
What you are proposing is completely insecure.
- If the password is within the executable, then it may be reverse
engineered by a (malicious) user of the executable
- If the executable may modify itself, then a (malicoious) user of the
executable may modify it.
So, if the user is malicious, you have got a serious security threat.