store password secure in INI

bSecRes · 19th July 2003, 23:42

My point is that it can't work two-way as long as there is no protected memory. I am writing an md5 hasher now for people that want to use that somewhere in their installer. Obviously that won't work on a custom page before the value gets written to the hard disk which I think is a weakness.

I agree that it would be cool if there was a one-way hash that NSIS could use when storing the value in the file. I would like to see that hash be md5.

The only way to make two-way work is to go asymmetric, whereby we would have to give NSIS a public key to use to encrypt and store the password. Afterwards, though what good is it? If you put the private key on the system game over.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

19th July 2003, 23:42	#1
bSecRes Junior Member Join Date: Jul 2003 Location: LA USA Posts: 37	My point is that it can't work two-way as long as there is no protected memory. I am writing an md5 hasher now for people that want to use that somewhere in their installer. Obviously that won't work on a custom page before the value gets written to the hard disk which I think is a weakness. I agree that it would be cool if there was a one-way hash that NSIS could use when storing the value in the file. I would like to see that hash be md5. The only way to make two-way work is to go asymmetric, whereby we would have to give NSIS a public key to use to encrypt and store the password. Afterwards, though what good is it? If you put the private key on the system game over.