Implement document level password protection

[dminder]

Hello again all. I am trying to figure out a way to implement password protection on documents that a program I am working on creates. They should remain with the document regardless of where it is copied to or sent. I will probably also use it to encrypt the contents of the file, but that is another topic.

Here is a rough sequence of events:
1. Application Opens (no document loaded).
2. User opens document with extension registered to application.
(could also be # 1 if they clicked on the document directly)
3. Application Security checks document for security and prompts if necessary.
4. If prompted, user enters password.
5. Application checks password.
6. If passed, document opens, otherwise user is notified of failure.

Hopefully I have been pretty clear about what I am trying to do. It should also not require any server validation or database type checking. I know it is done in like Excel, Word, and other applications.

Thanks in advance!!

D

[opus]

If this is a programm the you did create, you have control over what this programm expects to read from a file. Store in each file wether it is password protected and if it is also store that password. When opening that file, check if it is password protocted, if yes ask for it...., if not just read in the rest of the file.

[dminder]

It is absolutely my application, but is also is able to open various file types like XML, txt, XLS/xlsx, ect and I should be able to lock them from users even if they copy them to a datakey, another computer, over the web, etc. The reason I mention this, is that I looked into simply using network and directory settings. However, if there are users that are separated by more than just a desk, the settings should be applicable regardless. This is also the reason why the settings tab on the application will not work. It can go so far as being machine specific, but as far as I know not file specific.

I am just looking for some ideas i guess. I have been looking into metadata and how to attach it to a file. I am not sure if this is an answer or not. Thank you for your response opus and I am still open to any ideas, thoughts, etc.

Thanks!

D

[opus]

Since you are using file types which are commonly used with other applications, you can't add your own password protection to the file (it would disable the usage of such a file on the other applications).
In this case I'm out of this one.

[Pradeep1210]

Without trying to reinvent the wheel, I'll just use one of the compression techiques that supports passwords. There are many free available on the internet and one of them (which is also free) is the DotNetZip.

http://dotnetzip.codeplex.com/

So your algorithm goes like this:

1. When saving the file, compress it with password.

2. When opening the file, check if it is password protected and accordingly prompt user and ask for password. Then apply that password to the file and decompress it to some temporary location and open that file in your application.

3. When editing the file, use the temporary copy of the file. If the user tries to save the file in between edits (press Ctrl+S etc.), save your temporary file, then create a copy of it with password protection (as in step 1), and then replace your original file with this one.

I hope this helps