Passwords

[DKasler]

Ok.. When you create a password or login box, where do you save the password?

I've only created and app or 2 that have had password protection and I just wrote them to the Registry... Any better suggestions or thoughts?

[Hack]

DB Table is a very popular method unless you are using MS Access, which practically anyone could open.

[DKasler]

DB Table is a very popular method unless you are using MS Access, which practically anyone could open.

Thats my problem.

[Hack]

Even though your application uses MS Access, do you have a SQL Server or Oracle database available?

If not, and you want to get away from the Registry, then the only other thing I can think of it an encrypted text file. Of course, if the file gets deleted, your user is hung up in the air.

[DKasler]

Even though your application uses MS Access, do you have a SQL Server or Oracle database available?

If not, and you want to get away from the Registry, then the only other thing I can think of it an encrypted text file. Of course, if the file gets deleted, your user is hung up in the air.

So maybe i'll look into encrypting the entries written to the Registry. Thanks alot.

[dglienna]

I use Capicom.dll. If the p/w gets lost, then they have to call me for a new password, but the program always computes one, so it would only enable one call to get the same password. The whole program is hosed if the files get deleted.

[Hack]

So maybe i'll look into encrypting the entries written to the Registry. Thanks alot.

If you decide to implement this in production, it would be a good idea to programmatically create a backup of the text file after it has been encrypted, just in case it accidentally gets deleted. Further, as a matter of procedural policy (not programming), I would instruct my users to ensure this file was backedup to some place safe.