Government Security
Network Security Resources

Jump to content

Photo

Password Encypt

- - - - -
  • Please log in to reply
6 replies to this topic

#1 gman24

gman24

    Specialist

  • Sergeant Major
  • 643 posts

Posted 04 March 2005 - 03:27 PM

This I released as freeware awhile ago, alot of people found it useful.

It makes a random key when it doesn't detect clist.dat in it's directory. It converts a pass you can remember, for example maplesyrup, into something that's a bit harder to run a cracker on EX: 3Fn7IpA6Fm6. Every time you need the password you just enter the pass you can remember easily.

This makes it usefull also for generating super long passwords by stringing words together. Our memory likes to hold a max of seven items for most people, If those
seven items are long words that is easier to remember than a 16 or more char pass of random letters and numbers.

This might be usefull to integrate the functions into programs, I can make it into a class.

Of course the code can be changed to make the way it generates the key more secure.
................................................................................
...
Added an update to this version that is different from the freeware release.

This makes it easier to change passes on a regular basis. Basically it's the same as before, but you also input a integer. One will give you your original value (If you overwrite your old prog, don't mess with clist.dat that's your key). Two will give you a different value, etc.

Basically what it does is run it through the process X amount of times where X is the integer you entered.

This way you can use your same encrypted pass and change the integer to get a new pass. You can easily remember the pass you originally came up with, and it's easy to remember what number your on.

Both the code and binary are included.

Attached Files



#2 plinius

plinius

    Private First Class

  • Members
  • 70 posts

Posted 05 March 2005 - 11:12 AM

nice, thanks.
just an idea, you could maybe add something that detects short passes and returns a longer "crypted password" .
And there's not allways a number in the "crypted password"
(ex. kaka -> ybyb ...)
but, thanks .

#3 gman24

gman24

    Specialist

  • Sergeant Major
  • 643 posts

Posted 06 March 2005 - 06:20 PM

Those are good ideas, I could probably hack something up sometime in the future.

#4 gman24

gman24

    Specialist

  • Sergeant Major
  • 643 posts

Posted 06 March 2005 - 06:20 PM

Delete, It double posted.

#5 gman24

gman24

    Specialist

  • Sergeant Major
  • 643 posts

Posted 07 March 2005 - 06:49 PM

There you go plinus a quick hack that should generate longer passwords, and insure letters and numbers.

Attached is a second of the program for anyone who wants a different version.

I have a third encryption idea that should do a similiar thing but not generate as long as passwords(unless the password is under 5 chars). I'll post that later.


Not at all compatible with Passgen2(the first one) encryption key.


Feel free to offer more suggestions.


Edit:
Removed, Similar enough to the last version to consider the last version an update.

The first version still available. I actually prefer it.

#6 gman24

gman24

    Specialist

  • Sergeant Major
  • 643 posts

Posted 08 March 2005 - 12:27 PM

Unless there are any more suggestions or I come up with new things, this is the last version for awhile.

This is the third version. I have edited the other versions soon as well for one of the things in this (see first bullet) .

-This version makes sure that there is no self converts.( and the other versions will be edited to do so as well)

I hard coded the values into the one I use, so since I never use this version.

I never noticed that sometimes the random key will key to the same thing (EX: o=o). The rarity only causes problems when using the rencrypt feature. Eventually it will end up sticking to one thing.

I should have seen this problem before, however when reworking on this code I foresaw the problem and fixed it.

-Used a better way than purposefully misusing the ITOA function.

Technically the function shouldn't accept base 20. I forgot the usage for ITOA and made an educated guess.

The guess was correct except for the last parameter. I thought it might be the array size. When I looked it up later it wasn't. However the misuse did a cool thing so I left it in there.


It probably would be better to use it correctly however.


-Algorithm to pair a number to every letter and vise-versa.

A randomly generated offset is included in the key. This is used in an algorithm to determine numbers for letters and vice-versa.

-Shorter
It doubles your password length still however.

Attached Files



#7 plinius

plinius

    Private First Class

  • Members
  • 70 posts

Posted 08 March 2005 - 04:30 PM

hey...nice work. Thanks a lot.
if you want to make them really strong you can add unprintable characters (like ALT+127 ) -> ⌂ .
But I'll do this maybe by myself, as a training.

Plinius.