Hi everyone. I just had a question about data transfering between two programs. I currently have a working system but its very insecure. Basically what i do is once the user logs in, i would save their data in a json file in their C: drive as a "config.json" inside of that all their details would be stored like username, password, etc. Then from the other program i check if that file exists and i get the data from the config.json then parse it using nlohmann json(very good library), and i send a HTTP GET request to my server with the users details parsed from the json and if everything matches and if it does, they login successfully. I would like to do this data transferring in a more secure / encrypted way. If anyone can help me that would be awesome. Thanks!
No point using encryption when both the sender and the receiver are on the same machine. If someone really wants to see the plaintext they'll get it eventually.
your plain text file on the server is a security risk. Is this a real system? If so you need to get a security expert or start studying. If not, you can do some simple things and call it good enough (eg discourage casual snooping).
eg encrypt the json files on the server side would be a simple start. a really basic (anti snoop) way to do that would be to stuff a number in binary with salt in the front of the file. Pull that out and use it to seed a random generation. The random values from the generator, xor with the bytes in the file. 5 lines of code, and an annoying to crack encryption is in place (its cracked by reverse engineering the program, its not easy to do any other way, but that isnt too hard for an expert). The same lines encrypt and decrypt as (a^b)^b = a.