home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Collection of Tools & Utilities
/
Collection of Tools and Utilities.iso
/
dbase
/
dbpass10.zip
/
DBPASS10.TXT
< prev
next >
Wrap
Text File
|
1992-03-12
|
6KB
|
154 lines
** dBPASS v1.0 **
Password routines for dBase IV
by Frederico Terenas
11-03-92
This package contains some simple routines to implement password
protection in dBase IV applications.
The need for password protection occurred recently, when usage of
a commercial application I developed which stored important technical
services information had to be restricted to the officer-in-charge.
Many thanks to my brother Sérgio, for devising this simple (yet
efficient) encryption method (more about this later) and everyone
in groups comp.databases and bit.listserv.dbase-l who helped me.
This package is published as shareware and you are encouraged to
distribute it provided it is complete and no fees are charged
(a small fee can be charged to cover distribution costs). The source
code can be freely changed to suit particular requirements.
Users are urged to register with me so I can provide further
technical support, and upgrades. Registration is FREE.
To register, please E-mail me at:
cs_a264@Kingston.ac.uk
or send a letter to:
Frederico Terenas
Matto Grosso 1459
Las condes
Santiago
CHILE
stating your E-mail address (or postal address) and any thing
else you want to ask the author.
I expect no money from anyone! If I see that there is enough
interest from the database community, I will provide further routines,
using different password encryption methods. Some of these methods
are being studied at present. Please, support the author, by pointing
out improvements, suggestions, or any bugs you find.
The package comprises 3 program files:
===============================================================
PASSCHEK.PRG - Routine to check that password typed at the
keyboard matches the one stored in file,
PASSEDIT.PRG - Routine to change the password store in the
file. You must type the current password in
order to change it,
DEMODBPW.PRG - Simple program to demo use of routines.
===============================================================
The Encryption.
The chosen password is transformed via some algorithm in
order to be unrecognizable by other users, or people trying to
break into your system. The algorithm that performs this is in
the file PASSEDIT.PRG .
The algorithm in this version, gets the ordinal value of
each character that makes up the password. Then it adds this value
to a pre-determined value, the encryption factor (stored as ENC_FACTOR).
You can change this value at any time. The new value, representing
each character is stored in an array and saved to a .MEM file.
This file, when viewed with the TYPE command of DOS, doesn't reveal
the password, but some unreadable characters.
Checking if typed password is correct.
The routine that checks if the password typed is the same as
the one stored in the .MEM file is PASSCHEK.PRG . If the password
entered is incorrect it leaves the program running by issuing a
CANCEL command. If the password entered is correct, control returns
to the calling program and this program can proceed.
Tip: Put a call to this routine at the beginning of your
application. If the password isn't entered correctly,
the routine forces your application to return to DOS.
Changing password.
The routine responsible for this is called PASSEDIT.PRG .
This routine prompts the user to type the current password,
checks if this matches the password stored in the .MEM file and
only if it is correct allows the user to proceed and change the
password. Any character can be used, but users should beware
of using spaces or characters other than those they can remember.
The user is then prompted to enter the new password, and once
more to make sure the user remembers the password previously
entered. If these don't match, the password remains unchanged.
Tip: Don't use spaces in your password. This becomes confusing.
Use both numbers and letters. This should be difficult
enough for someone unauthorised to guess.
Disabling password verification.
The user can make the password checking routine (PASSCHEK.PRG)
skip the password verification by changing the password to
<RETURN> (pressing the RETURN key). When changing the password,
after typing the current password (and this being accepted),
pressing <RETURN> twice causes the password to be disabled, that
is, the password checking routine doesn't check for a password.
Password verification can be restored by changing the current
password (which is pressing the RETURN key) to a new name, as
described previously.
The Demo!
The user should have an insight into the capabilities of this
package and now should load dBase IV and run the program DEMODBPW.PRG
for a demonstration of the routines in this package. The Demo is menu
driven and easy to use. The source code for the Demo is included.
The current password is: FRED (please NOTE capital letters)
Good luck.
Frederico Terenas
e-mail: cs_a264@Kingston.ac.uk