Active Topics

 


Reply
Thread Tools
m4r0v3r is offline m4r0v3r
2014-07-12 , 14:26
Posts: 1,746 | Thanked: 1,832 times | Joined on Dec 2010
#1
so am trying to create a VNC client for sailfish, albeit badly, and saving multiple client entries in a DB, but how would I securely save a password. Would I hash it and then save it, but what about when I need to actually use it for logging in.

Or realistically is this not possible
 
pycage's Avatar
pycage is offline pycage
2014-07-13 , 08:49
Posts: 3,404 | Thanked: 4,474 times | Joined on Oct 2005 @ Germany
#2
Hashing is good if you don't ever need to use the actual password, but only compare it to what the user has entered. In your case, you need the password, though.
You could store it encrypted (e.g. with the Blowfish algorithm) on device.
Cargo Dock (https://github.com/pycage/cargodock) is an example of how Blowfish is used to encrypt passwords.
__________________
Tidings - RSS and Podcast aggregator for Jolla - https://github.com/pycage/tidings
Cargo Dock - file/cloud manager for Jolla - https://github.com/pycage/cargodock
 
smoku's Avatar
smoku is offline smoku
2014-07-13 , 12:41
Posts: 1,716 | Thanked: 3,007 times | Joined on Dec 2009 @ Warsaw, Poland
#3
Encrypting with a hardcoded secret is no better than ROT13.
So you need some kind of password-wallet, secured with a password given by the user.
__________________
smoku @xiaoka.com (SMTP/XMPP) ...:.:....:... pebbled . Poky Fish : sixaxis . psx4m . uae4all
Jolla Phone post-mortem . . . . . . . . . . -> 1+1 VGN-UX390N
 

The Following User Says Thank You to smoku For This Useful Post:
nieldk
2014-07-13 , 15:08
Guest | Posts: n/a | Thanked: 0 times | Joined on
#4
Originally Posted by smoku View Post
Encrypting with a hardcoded secret is no better than ROT13.
So you need some kind of password-wallet, secured with a password given by the user.
just salt the encryption key with a user PIN
 

The Following User Says Thank You to For This Useful Post:
Reply

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 05:28.

Contact Us - Home - Archive - Top