Password Sensitivity
#1
Originally posted by Baltan

ServerSide:

Look at your PasswordOK function:

Code:
Function PasswordOK(ByVal Name As String, ByVal Password As String) As Boolean
Dim FileName As String
Dim RightPassword As String

    PasswordOK = False
    
    If AccountExist(Name) Then
        FileName = App.Path & "\Accounts\" & Trim(Name) & ".ini"
        RightPassword = GetVar(FileName, "GENERAL", "Password")
        
        ' UCase folds both sides, so the comparison ignores case
        If UCase(Trim(Password)) = UCase(Trim(RightPassword)) Then
            PasswordOK = True
        End If
    End If
End Function

This is VERY VERY bad security.

Why, do you ask?

It says that

password = PassWord = PaSsWoRd = PASSWORD

Case insensitivity, :|

Case-sensitive passwords are hundreds of times harder and take longer to brute-force or dictionary-hack.

So let's change that up, eh?

Code:
Function PasswordOK(ByVal Name As String, ByVal Password As String) As Boolean
Dim FileName As String
Dim RightPassword As String

    PasswordOK = False
    
    If AccountExist(Name) Then
        FileName = App.Path & "\Accounts\" & Trim(Name) & ".ini"
        RightPassword = GetVar(FileName, "GENERAL", "Password")
        
        ' Case-sensitive under the default Option Compare Binary
        If Trim(Password) = Trim(RightPassword) Then
            PasswordOK = True
        End If
    End If
End Function
Reply
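
The effect of the two comparisons in the post above, modelled in Python as an added example that is not part of the original post: it counts how many case spellings of a stored password each check accepts and how much the guessing keyspace shrinks under case folding. The function names, the ASCII-only assumption and the sample value `pass1234` are constructed for illustration.

```python
import itertools

def password_ok_folded(candidate, stored):
    # Model of the first PasswordOK: UCase(Trim(a)) = UCase(Trim(b))
    return candidate.strip(" ").upper() == stored.strip(" ").upper()

def password_ok_exact(candidate, stored):
    # Model of the second PasswordOK: Trim(a) = Trim(b)
    return candidate.strip(" ") == stored.strip(" ")

def case_variants(password):
    # Every upper/lower spelling of the password; non-letters have one form.
    choices = [(c.lower(), c.upper()) if c.isalpha() else (c,) for c in password]
    return {"".join(p) for p in itertools.product(*choices)}

def accepted_spellings(check, stored):
    # How many case spellings of the stored password the check lets in.
    return sum(1 for v in case_variants(stored) if check(v, stored))

def keyspace_ratio(length, letters=26, others=10):
    # Exact-match keyspace divided by case-folded keyspace for passwords of
    # `length` characters drawn from letters plus `others` caseless symbols.
    return (2 * letters + others) ** length / (letters + others) ** length

if __name__ == "__main__":
    for stored in ("PaSsWoRd", "pass1234"):  # second value is constructed
        print(stored,
              accepted_spellings(password_ok_folded, stored),
              accepted_spellings(password_ok_exact, stored))
    print("letters only, 8 chars:", keyspace_ratio(8, others=0))
    print("letters+digits, 8 chars:", round(keyspace_ratio(8), 1))
    # Both versions still Trim, so padded input matches either way.
    print(password_ok_exact(" PaSsWoRd ", "PaSsWoRd"))
```

The keyspace gain depends on how many characters are letters, so a password that is mostly digits gains little from the change.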

