On the short note - if you compile your app and then change file extension from EXE to say TXT and open it in Notepad you will see something like the following:
... cmdlogin Command1 p°¿ï ÿ* txtpassword ` h¿ï Text2 ÿ* txtusername Hh¿ï Text1 ÿ ...
It would take probably under a minute a relatively inexperienced amature to decode that garbage...
Anyway, you never hardcode any values especially User Name/Password. Instead you store it say database but ecrypted. There are many encryption algorythms exist so you will have to find something that fits your level of expertise by searching our forums or elsewhere.
Because you have the user name and password in strings which will stay as pure text even after you have compiled your program.
you can see
1) If your post has been adequately answered please click in your post on "Mark Thread Resolved".
2) If someone has been useful to you please show your respect by rating their posts.
3) Please use [highlight="VB"] 'your code goes in here [/highlight] tags when posting code.
4) Before posting your question, make sure you checked this links: MICROSOFT MSDN -- VB FORUMS SEARCH
5)Support Classic VB - A PETITION TO MICROSOFT
@RhinoBull, you dont need to change the file extension from exe to txt. Just open Notepad and drag ' drop your exe from Explorer into the notepad text area and you will get the same result.
VB/Office Guru™ (AKA: Gangsta Yoda™ ®)
I dont answer coding questions via PM. Please post a thread in the appropriate forum.
You create your own algorithm that changes the ascii bytes of the characters of your password into a complete mess that someone cannot understand, and you can use this algorithm to convert it to the real password
That is a big NO-NO, Jacob - it can be decrypted within a few seconds (by experienced guy ). 64/128 bit encryption is the way to go (if you can afford it...)
You create your own algorithm that changes the ascii bytes of the characters of your password into a complete mess that someone cannot understand, and you can use this algorithm to convert it to the real password
That is a big NO-NO, Jacob - it can be decrypted within a few seconds (by experienced guy ). 64/128 bit encryption is the way to go (if you can afford it...)
I didn't say how complicated it had to be or how it had to be encrypted. Of course the real big government agencies use very large and complex Calculus based algorithms for their passwords (wasn't that on the movie Mercury Rising?) But in his case since he's a beginner, any normal algorithm will suffice.
If you need to hard code a username/password into your app (which, as others have already said is not a good idea), you can do some really simple stuff which will make it difficult for the casual hacker. For example,
VB Code:
Option Explicit
Dim TestUser As String
Dim TestPass As String
Private Sub cmdLogin_Click()
If (txtUserName.Text = TestUser) And (txtPassword.Text = TestPass) Then
That's pretty simple but fairly effective without resorting to complex encryption algorithms. Obviously you'd make your test username & password a bit more obscure.
BTW Did I mention that hardcoding a username & password is a bad idea?
Pete
No trees were harmed in the making of this post, however a large number of electrons were greatly inconvenienced.
Actually, if I can throw my 2 cents in on a resolved thread, this type of structure is also trivial to hack. All you have to do is trace back the "Wooo hooo..." string to it's test and then make the jump instruction non-conditional. This type of string basically provides a big "crack me here" sign in your code. These two links (one from a cracking site) give some really good advice on protecting software: