Password In Resource File!

[arpan_de]

I want to save passwords in a Resource file so as to make it more secure. How do I go about it?

Also can passwords be saved in a Manifest file so as to ensure that its highly secure i.e. there shouldn't be any way by which users can tamper with the password?

I know that passwords can be saved in the Registry but I did like to avoid playing with the Registry.

[Jmacp]

I dont think you can as resource files are compiled by rc.exe then compiled again into the exe. Why not encrypt the password and save to a text file, like cookies do?

[arpan_de]

Anyone can easily delete the text file or even change the password, isn't it?

Actually right now, I am saving the password in an ADS (Alternate Data Stream) file but the problem is neither FAT nor FAT32 support ADS files; ADS files can be created only in NTFS file systems. So if it happens that a user doesn't have NTFS in his system, then he won't be allowed to create a password.

[dark_shadow]

CVMichael has a good example of encryption in his sig

[arpan_de]

CVMichael has a good example of encryption in his sig

Let CVMichael have a good encryption example or Michael Jackson, what's the use when the encrypted file can easily be tampered with, my dear friend! & that's exactly what I have stated in English in my previous post......

[Jmacp]

Well resources are easy to extract from an exe, so why not just write to the exe itsself in encrytped form?

[penagate]

Let CVMichael have a good encryption example or Michael Jackson, what's the use when the encrypted file can easily be tampered with, my dear friend! & that's exactly what I have stated in English in my previous post......

Chill.

To be frank, all the methods listed in this thread are more or less equally secure/insecure. Your best bet is (one-way) encryption and some method of checking whether the file in which it is stored has been tampered with, such as a checksum.

[Spajeoly]

Let CVMichael have a good encryption example or Michael Jackson, what's the use when the encrypted file can easily be tampered with, my dear friend! & that's exactly what I have stated in English in my previous post......

Man, you have quite the attitude for someone who's asking others for help...

No matter what, there is always a way to modify the password files or info unless it is hard-coded int the program and have found a way to stop people from patching you application.

Regardless, there is only so much you can do to prevent people screwing with your apps.

And honestly, I am surprised anyone helped you in this thread. They offer solutions and you get all snide with everyone.

[arpan_de]

Well, I am extremely sorry friends if you have found my response scornful but believe me, I didn't mean it. Maybe I should have expressed myself in a different way.

Sorry once again, mates!

[arpan_de]

so why not just write to the exe itsself in encrytped form?

Jmacp, could you please show me a small example or link me to a post which does this? I have never done anything as such.