Im trying to do a new app where i can store most of my passwords, basically
another "Password Keeper" style tool....
Question about this is what is the best way to store the data, as a plain
XML or MDB is totally insecure im wondering what other choices i do have and
how do i can implement them..
Forgot to mention that im using VB.net 2005...
Thanks 6 1647
Why not look at Keith Brown's Password Minder program? He's a known
security expert and put a fair amount of effort into getting this right. He
also publishes the source for the tool. http://www.pluralsight.com/tools.aspx
Joe K.
"Microsoft" <cr*******@hotmail.com> wrote in message
news:%2****************@tk2msftngp13.phx.gbl... Im trying to do a new app where i can store most of my passwords, basically another "Password Keeper" style tool.... Question about this is what is the best way to store the data, as a plain XML or MDB is totally insecure im wondering what other choices i do have and how do i can implement them..
Forgot to mention that im using VB.net 2005...
Thanks
Hi,
The typical behaviour from a password is that you don't store them.
Although some new fingertip and eye recognazion tools do that and are build
for that like a key. And don't loose your key because than your house is
open again.
If it about the a password storage tool, than is a newsgroup not the best
place how to do that. The method is than without sense because it is direct
to search for in Google.
There are many methods on MSDN, if I want to search for that, than I search
for "Rijndael". In one of those I live.
I hope this helps,
Cor
"Microsoft" <cr*******@hotmail.com> schreef in bericht
news:%2****************@tk2msftngp13.phx.gbl... Im trying to do a new app where i can store most of my passwords, basically another "Password Keeper" style tool.... Question about this is what is the best way to store the data, as a plain XML or MDB is totally insecure im wondering what other choices i do have and how do i can implement them..
Forgot to mention that im using VB.net 2005...
Thanks
Hello!
You wrote on Sat, 18 Mar 2006 02:28:57 -0300:
M> Question about this is what is the best way to store the data, as a
M> plain XML or MDB is totally insecure im wondering what other choices i
M> do have and how do i can implement them..
M> Forgot to mention that im using VB.net 2005...
You can take a look at SolFS ( http://www.eldos.com/solfs/), which is a
virtual file system with built-in strong encyrption and compression.
With best regards,
Eugene Mayevski
You might consider the credit card storage aproach
i.o.w. a one way hash ,,,, the validation data is encrypted with a one way
hash algorythm ,,, so the creditcard number that a users entest is also put
through this same algorythm and compared to the validation data ..
Advantage ,,,
No one knows the actuall data except the user , even the database
administrator can`t retrieve his password as it is not known to him ( you
could even extend this technique to a XML or "flat" file )
here is a verry nice article to give you some idea`s http://www.devx.com/dbzone/Article/26726/0
regards
Michel Posseth [MCP]
"Microsoft" <cr*******@hotmail.com> schreef in bericht
news:%2****************@tk2msftngp13.phx.gbl... Im trying to do a new app where i can store most of my passwords, basically another "Password Keeper" style tool.... Question about this is what is the best way to store the data, as a plain XML or MDB is totally insecure im wondering what other choices i do have and how do i can implement them..
Forgot to mention that im using VB.net 2005...
Thanks
Michel Posseth [MCP] wrote: You might consider the credit card storage aproach
i.o.w. a one way hash ,,,, the validation data is encrypted with a one way hash algorythm ,,, so the creditcard number that a users entest is also put through this same algorythm and compared to the validation data ..
Advantage ,,,
No one knows the actuall data except the user , even the database administrator can`t retrieve his password as it is not known to him ( you could even extend this technique to a XML or "flat" file )
here is a verry nice article to give you some idea`s http://www.devx.com/dbzone/Article/26726/0
regards
Michel Posseth [MCP]
How is that going to help? Storing a hash of the passwords so that they
are not retrievable... when the whole point of his app will be to store
passwords so he CAN retrieve them, at least that's how I read his
question. He just needs a way to store them safely.
--
Rinze van Huizen
C-Services Holland b.v
ouch .......
yes you are right,,, i was totally wrong understanding his intention ,,,,,
( i need to read more carefully before i answer :-)
regards
Michel
"C-Services Holland b.v." <cs*@REMOVEcsh4u.nl> schreef in bericht
news:dP********************@zeelandnet.nl... Michel Posseth [MCP] wrote: You might consider the credit card storage aproach
i.o.w. a one way hash ,,,, the validation data is encrypted with a one way hash algorythm ,,, so the creditcard number that a users entest is also put through this same algorythm and compared to the validation data ..
Advantage ,,,
No one knows the actuall data except the user , even the database administrator can`t retrieve his password as it is not known to him ( you could even extend this technique to a XML or "flat" file )
here is a verry nice article to give you some idea`s http://www.devx.com/dbzone/Article/26726/0
regards
Michel Posseth [MCP]
How is that going to help? Storing a hash of the passwords so that they are not retrievable... when the whole point of his app will be to store passwords so he CAN retrieve them, at least that's how I read his question. He just needs a way to store them safely.
-- Rinze van Huizen C-Services Holland b.v This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: sffan |
last post by:
I am new to database programming and was curious how others solve the
problem of storing encrypted in data in db table columns and then
subsequently searching for these records.
The particular...
|
by: Nico |
last post by:
My database have 20 tables and many users. I wish to store encrypted
data in 3 tables and have only 3 users have access to them, walking
into tables or using forms.
Can someone point me a direct...
|
by: Leonardo D'Ippolito |
last post by:
Hi!
I have two .NET win apps that need to communicate on a TCP/IP network.
'App A' must ask 'app B' if it's allowed to do some task, and 'app B'
must authorize or prohibit it.
How can I do...
|
by: David Garamond |
last post by:
I read that the password hash in pg_shadow is salted with username. Is
this still the case? If so, since probably 99% of all PostgreSQL has
"postgres" as the superuser name, wouldn't it be better...
|
by: robert |
last post by:
Hello,
I want to put (incrementally) changed/new files from a big file tree
"directly,compressed and password-only-encrypted" to a remote backup
server incrementally via FTP,SFTP or DAV.... At...
|
by: Michael Sperlle |
last post by:
Is it possible? Bestcrypt can supposedly be set up on linux, but it seems
to need changes to the kernel before it can be installed, and I have no
intention of going through whatever hell that would...
|
by: Sathyaish |
last post by:
I have the following scenario:
Algorithm: 3DES
Cipher Mode: CBC
Key Size: 128-bit
Block Size: 64 bit
IV: 0x0000000000000000 (an eight byte array of zeros)
The results I get using .NET with...
|
by: Bernard Dhooghe |
last post by:
The information center writes:
"Encryption Algorithm: The internal encryption algorithm used is RC2
block cipher with padding, the 128-bit secret key is derived from the
password using a MD2...
|
by: BobPaul |
last post by:
I'm following code out of a howto book and this is really bugging me. This header file was created by VStudio 6.0 when I did a "Right Click: Add Member Function" CLine is a class I wrote (per the...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |