Make txt file secure
Hi, I made a password protection program, and the password is encrypted and stored on password.txt. I then set password.txt to a hidden file, which isn't really too secure, as most people can get around that easily. A serious flaw in my protection is that someone can easily delete the password.txt file, at which point the program will ask them to create a password. How can I stop people deleting password.txt, by either making it unreadable by the OS (Windows 7), making it only readable to my application, or any other means. I was told to look at the 4th parameter on this website: http://msdn.microsoft.com/en-us/library/aa363858.aspx but I don't know how to implement this into my own program. Any help appreciated, thanks.
Your approach is incorrect. You must not attempt to disallow file deletion; you must simply warn that deleting the text file will render the secured objects unreadable for ever.
In general, the password is not the object you want to secure. Instead, you use a password to secure some other object.
For example, you have a file secrets.txt in clear text. You can make this file secure by means of a reversible encryption algorithm such as RC4 with the use of a password. Only the person knowing the password will be able to decrypt the file. You don't even have to save it anywhere. Just prompt for password every time you are asked to decrypt the file.
In general, the password is not the object you want to secure. Instead, you use a password to secure some other object.
For example, you have a file secrets.txt in clear text. You can make this file secure by means of a reversible encryption algorithm such as RC4 with the use of a password. Only the person knowing the password will be able to decrypt the file. You don't even have to save it anywhere. Just prompt for password every time you are asked to decrypt the file.
webjose is wrong as well. But only in the aspect of file deletion.
What you want to do is put all the data into 1 file. This way there is nothing to delete, because if anyone deletes the password, they are essentially deleting all the data that is with it.
I wrote a passwords/accounts program which functions like yours. I did not use conventional encryption, i wrote my own encryption algorithm. You can do the same. The password, the accounts, and all the data in that 1 file is all encrypted. If anyone wants to read the data, they will have to decrypt it (and since it is not any conventional encryption, they cant know where to start), unless they know assembly code in their sleep.
What you want to do is put all the data into 1 file. This way there is nothing to delete, because if anyone deletes the password, they are essentially deleting all the data that is with it.
I wrote a passwords/accounts program which functions like yours. I did not use conventional encryption, i wrote my own encryption algorithm. You can do the same. The password, the accounts, and all the data in that 1 file is all encrypted. If anyone wants to read the data, they will have to decrypt it (and since it is not any conventional encryption, they cant know where to start), unless they know assembly code in their sleep.
I can't put all the data into one file because my program is simply a gateway to another. For example if I wrote a C++ game, you would need to enter a password before the program would proceed to run the game's code. So I assume I do need to secure the password.
1)If you have only one password(like key for game) then you do no need to save it in file.Save it in program.
2)If you are working with accounts system(Username and Password) then you can put some part of other files.In that way if password file is deleted program will no run.
3)If you want seperate file for password then you first create master password.Save master password in top or bottom(encrytped password with los of non other password symbols at start and end.).At program start read that file and master password and move further.
4)Saving password in .txt files?why?You have option available to save as binary.
5)There is no way you can stop a person from deleting files.So softwares use backup solution.You should create backup entry of each save file.
You can always store info of all direcories in another file.If any important files is missing it will printouy currupt files.
I have made out all these methods here only and can invent few more if you ask.
2)If you are working with accounts system(Username and Password) then you can put some part of other files.In that way if password file is deleted program will no run.
3)If you want seperate file for password then you first create master password.Save master password in top or bottom(encrytped password with los of non other password symbols at start and end.).At program start read that file and master password and move further.
4)Saving password in .txt files?why?You have option available to save as binary.
5)There is no way you can stop a person from deleting files.So softwares use backup solution.You should create backup entry of each save file.
You can always store info of all direcories in another file.If any important files is missing it will printouy currupt files.
I have made out all these methods here only and can invent few more if you ask.
Binary file is much more secure than txt(although it can be read if not implemented correctly).It stores info in binary format.
use ios::binary flag (just like ios::out and with i) to define binary file.generally used extension for binary file are .dat,.sav etc.But you can use any extension(.txt too).
Note:binary files are majorly used to store object's data.
use ios::binary flag (just like ios::out and with i) to define binary file.generally used extension for binary file are .dat,.sav etc.But you can use any extension(.txt too).
Note:binary files are majorly used to store object's data.
"proitect" it. I did that and when I opened the dat file, all it was was a line of text. Basically all it does is run it all together.
not unless that password is encrypted.
my program uses an exponential encryption algorithm. It does not use a seed to encrypt it. So, my program will open the file with all the data, decrypt the password (it doesnt write any encrypted data to the file, thats just bad), prompts for the password, etc. It does not decrypt the file, but it uses vectors and variables to selectively handle the data (including decrypting it).
No decrypted data ever touches the file, and no decrypted data is displayed until after the correct password is entered.
Because each character adds a "layer" of encryption, I call it exponentialy encrypted, because the more data that's encrypted, the more the algorithm encrypts the characters.
my program uses an exponential encryption algorithm. It does not use a seed to encrypt it. So, my program will open the file with all the data, decrypt the password (it doesnt write any encrypted data to the file, thats just bad), prompts for the password, etc. It does not decrypt the file, but it uses vectors and variables to selectively handle the data (including decrypting it).
No decrypted data ever touches the file, and no decrypted data is displayed until after the correct password is entered.
Because each character adds a "layer" of encryption, I call it exponentialy encrypted, because the more data that's encrypted, the more the algorithm encrypts the characters.
Last edited on
Hi I tried using binary files with the following code:
All that happens is that it creates a .bin file and inserts "test" into there. When I open the .bin file in notepad it simply displays "Test" in plain text. How do I get this to display in random binary characters? What am I doing wrong? Thanks
|
|
All that happens is that it creates a .bin file and inserts "test" into there. When I open the .bin file in notepad it simply displays "Test" in plain text. How do I get this to display in random binary characters? What am I doing wrong? Thanks
It doesnt display it in "random" characters.
You have to encrypt it. What's test in binary? Well, it's Test, but in binary. And when you open it up as a text file, notepad opens it as text, and so you see text.
You apply an encryption algorithm to change all that. The simplest one is a single bit-shift, which shifts every bit 1 place. This however, has become really easy to crack, as it is the most basic of all encryption algorithms. A good encryption algorithm gets harder the more characters you find.
If I were to encryp all of the above text with my own algorithm, this is the encrypted text I will see:
Just writing it to binary doesn't cut it, you gotta encrypt it with an algorithm. The one you see above is my own. I created it myself to protect some of my programs which may conatin sensitive data. The only way someone could decrypt it is if I told them the algorithm, or if they could read assembly code in their sleep.
You have to encrypt it. What's test in binary? Well, it's Test, but in binary. And when you open it up as a text file, notepad opens it as text, and so you see text.
You apply an encryption algorithm to change all that. The simplest one is a single bit-shift, which shifts every bit 1 place. This however, has become really easy to crack, as it is the most basic of all encryption algorithms. A good encryption algorithm gets harder the more characters you find.
If I were to encryp all of the above text with my own algorithm, this is the encrypted text I will see:
| Jw#kxpfck]yfrqoff~tg^zg-&qbqivv;/rytmxbuhwz{ Zrz%qlit[mj;dofwfye$xk&-+Vidy{b.gtjm%fm_enujcl'>?Rbkm!*pc^f} Kxnq'/eza%ta_sbixqz:>?Jyq$nazk+zrz:xarc`bo%tq_fz]l;ivqo ejoj#)ybiviva,psjub%vi_t n]sfay:?las$lj)xpx}znp,ivqo~ Zrz%jacap]vk'fqhyhagxfg-xkhrwpcsz`kh%zgbqll\lya>mcxs!^*Aqp{h zfkidtw!vwp(xj[v\rjqlsn~oxk:nehgw[:fsvry!nehgwx[ngrgp>wfs@8^wulpt[|:Qgjv`oxhrkvk )]gbv<innbbv^mbzmod|nlfn/mj#bsdhr)]nh'bo?ht@yon)zdjm|yztlh`xq%pce=bmdudwctbc@tgd nslyovd;,.T`dnpg(lwnengmdlm dqnxcviyf}dduv.ojcqti(oed]ptyn>pwrkvzsfux{hzh"wbia |
Just writing it to binary doesn't cut it, you gotta encrypt it with an algorithm. The one you see above is my own. I created it myself to protect some of my programs which may conatin sensitive data. The only way someone could decrypt it is if I told them the algorithm, or if they could read assembly code in their sleep.
Last edited on
I understand encryption, I encrypted My previous password txt file. If I encrypt my password into a binary file, and then someone opens it in notepad, what's the difference from me simply saving it as a txt file?
binary files are fast.And sometimes they do insert symbols of their own.But you need to use encytpion along with it.
Try to open a file of game with notepad and see its data.Its like
or in some other encryption.
from:http://www.codeproject.com/Questions/345396/What-is-the-difference-between-binary-and-text-fil
Try to open a file of game with notepad and see its data.Its like
|
|
or in some other encryption.
A C++ stream is defines as a virtually infinite sequence of symbols named "characters". In "text mode" certain control characters are interpreted according to the underlying operating system needs. For example, in Windows, the CR character is replaced by a CR/LF sequence. In "binary mode" no translation is done, and characters are written as they are supplied to the stream itself. In your case this can be made evident by writing some "\r" and "\n" into your strings, and looking at (with an hex editor) how the resulting files look. This concept is completely unrelated from another concept, that is the representation of data (numbers, in particular): it may happen either in textual form (the number 123 viewed as the sequence of the glyph '1' '2' and '3' one after the other, each represented by its own code-point) or in some other coding like the binary form, that can be the same as the way the data themselves are represented inside the computer memory (123 = 0111_1011 = 0x7B). But this is not what you will get by writing numbers with the << operator of an std::ostream: you must use the ostream unformatted methods(put and write) on a binary_mode stream to have a binary-encoded dump of a piece of memory into a file. Note that, if the stream is in text mode, write works the same, but every byte you dump, will be interpreted and translated accordingly to the text representation rules of the underlying operating system (hence, messing up the representation). |
from:http://www.codeproject.com/Questions/345396/What-is-the-difference-between-binary-and-text-fil
Do you even know what encryption is?
I'm not going to explain everything to you. After all this, you still have no clue? Are you remembering what you read here at ALL?
Ozza:
You said it yourself. The difference is that it's not encrypted. If you can't use your brain, please don't ask the question.
I'm not going to explain everything to you. After all this, you still have no clue? Are you remembering what you read here at ALL?
Ozza:
| All that happens is that it creates a .bin file and inserts "test" into there. |
You said it yourself. The difference is that it's not encrypted. If you can't use your brain, please don't ask the question.
Last edited on
Topic archived. No new replies allowed.