Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Password Popup help

by Dirty Luigi (Initiate)
on May 16, 2004 at 01:09 UTC ( #353699=perlquestion: print w/ replies, xml ) Need Help??
Dirty Luigi has asked for the wisdom of the Perl Monks concerning the following question:

I am making a password popup on one of my programs. I am trying to make the password a series of numbers that add up to one certain number. It will be six different numbers. Each number should be added up to get a certain number.How can I do this. I have no clue. PLEASE REPLY!!!!!!!!!!!!!

Comment on Password Popup help
Re: Password Popup help
by atcroft (Monsignor) on May 16, 2004 at 01:13 UTC

    It would help to know the environment in which the program will operate. Is it for a web app? a command-line app? an app under X/MS Win*/Mac/etc? These questions will dictate the manner in which a password would be requested.

    Also, is there a particular reason you are using this scheme of a 6 number sum? If there is not, you may wish to look at the ability instead of using the crypt() function for instead creating a hashed password, which may be easier to remember than the 6 number set.

    If you can provide a little more information as regards the first part, I would suspect there are several who may be able to offer applicable suggestions.

      The program is for a window's program. I got the idea for the password thing from credit cards. Each company should have a set number, for secrurity.

        You have several options, when it comes to requesting the password under windows. In browsing around CPAN while reading your question, I found the following which I think might include functions for requesting a value that is concealed as it is typed. I won't say they will all do what you seek easily, but might prove useful.

        Hope that helps get you started, at least...

Re: Password Popup help
by TomDLux (Vicar) on May 16, 2004 at 01:15 UTC

    You mean like 361524 adding up to 21? Why would you want to do that?

    Or maybe you mean 21-37-72-04-58-35 adding up to 250? Just as confusing.

    --
    TTTATCGGTCGTTATATAGATGTTTGCA

Re: Password Popup help
by soon_j (Scribe) on May 16, 2004 at 02:30 UTC

    Do you mean that if the series of numbers add-up to your expected total then you would grant access to something...? If so, there are several permutations possible, all of which might produce a total equal to what you are expecting.

    That is a poor method for password authentication. You may try reading some stuffs about encrypting and see how that suits your needs.

Re: Password Popup help
by andyf (Pilgrim) on May 16, 2004 at 05:47 UTC
    As other Monks have pointed out, your method is flawed. However you should not be discouraged from experimenting with this idea of yours, just be aware it will make a very _bad_ password system.

    What you don't say, most importantly, is how this related to username. Usually we deal with authentication as 2 part, you supply 2 pieces of data and there is some relationship between them discernable with a 'secret' which tells us if the pair is any good.

    What you are talking about is really a checksum system. This kind of system embeds 'intrinsic' data within just one datum so that it can be checked for self consistency. This is the basis of ticketing type systems that don't need usernames.
    Credit cards have a very basic checksum system that is widely known and trivial to 'crack'. And such is the weakness of using them for login authentication, because once someone has seen more than 2 or 3 examples they can trivially work out the method for generating new and valid ones.
    To answer your request for code try doing the following.
    #!/usr/bin/perl print STDOUT "Enter a username: "; # ask for a user my $username = <STDIN>; # input the username chomp $username; print STDOUT "Enter a password: "; # ask for a pass my $password = <STDIN>; # input the pass chomp $password; my $crypted = crypt($password.$username,aa); # we store this value fo +r later.... print STDOUT "The username is $username\n"; print STDOUT "The password is $password\n"; print STDOUT "The encrypted passwd is: $crypted\n"; print "\n\n\n"; print STDOUT "Testing out the password system....\n"; while (1) { print STDOUT "Enter the username: "; my $ipusername = <STDIN>; chomp $ipusername; print STDOUT "Enter the password: "; my $ippassword = <STDIN>; chomp $ippassword; my $recrypted = crypt($ippassword.$ipusername,aa); print STDOUT "The retrived passwd is: $recrypted\n"; if ($recrypted eq $crypted) { dologin(); exit 0; } print STDOUT "Login Incorrect, please try again.\n\n\n"; } sub dologin { #do stuff print STDOUT "Login OK, welcome to the system.\n\n\n"; exit 0; }
    This uses the standard crypt facility and is _not_ a very good method for passwords, but ok for non critical web services.
    BOL
    Andy.
Re: Password Popup help
by Ryszard (Priest) on May 16, 2004 at 09:10 UTC
    There is a (un)surprisingly common check digit algorithm you can use. Bit longer than 6 tho' :-) You can even use something ready made.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://353699]
Approved by Old_Gray_Bear
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (5)
As of 2014-07-26 05:50 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (175 votes), past polls