Password program

#include <iostream>
#include <string>
#include <conio.h>   // getch(): reads one keystroke without echoing it
using namespace std;

int main() {
    int i = 0;
    char password[50] = "";   // no bounds check below: more than 49 keystrokes overrun this buffer
    string str = "secret";    // expected password, stored as a plaintext literal in the executable
    char ch;

    while (1) {
        ch = getch();
        if (ch == '\b') {
            // Backspace: erase the last '*' on screen and drop the last stored character
            if (i > 0) {
                cout << "\b \b";
                password[--i] = '\0';
            }
        }
        else if (ch == '\n' || ch == '\r') {   // Enter ends input
            password[i] = '\0';
            break;
        }
        else {
            password[i] = ch;
            i++;
            cout << "*";   // mask the typed character
        }
    }

    // operator==(const char*, const std::string&) stops at the first differing character
    if (password == str) { cout << "\n correct"; }
    else { cout << "wrong"; }
    return 0;
}

Please test it. It should work perfectly. Also, please check it using curses.h instead of conio.h.
Hmm... any comments?
Spread things out a little more. Put everything on its own line.
Well, why can't you test it?

What are you looking for?

The obvious security holes are:
1) keystrokes are echoed to the screen;
2) there is a simple buffer overflow attack if the user types more than 50 characters;
3) the password is stored in plaintext in the executable;
4) the password comparison aborts at the first mismatch rather than comparing all characters (this is a subtle flaw, but nonetheless one that was exploited many years ago)
5) the password entered by the user is stored in plaintext in memory (another subtle flaw, but again one that was exploited many years ago);

>> 4) the password comparison aborts at the first mismatch rather than comparing all characters (this is a subtle flaw, but nonetheless one that was exploited many years ago)

Isn't that more efficient? The very first mismatch means the password is incorrect, so don't compare any further?

>> 5) the password entered by the user is stored in plaintext in memory (another subtle flaw, but again one that was exploited many years ago);

Are you indicating some kind of encryption? Is it because other parts of the program cannot read it?

>> Isn't that more efficient? The very first mismatch means the password is incorrect, so don't compare any further?

Yes and no.

Yes, technically speaking it will be a few nanoseconds faster. In reality, unless your password is many megabytes long, the speed difference won't even be measurable at the software level.

Nonetheless it is a security hole to compare only up to the point of failure.
Assuming passwords can have only [a-zA-Z0-9] for simplicity's sake, that's 62 different characters. A password of length N then has 62^N possible values. This quickly becomes impossible to brute force.

However, by comparing only up to the point of mismatch, I can, with some good engineering, write a program that requires at most 62*N (yes, 62 *times* N) guesses before it gets the correct password.


Also, if the password is stored as plaintext in memory, someone could easily just run a debugger and look at the password in memory. So yes, you definitely should encrypt it.
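The three fixable holes from the list above (the unbounded buffer, the early-exit comparison, and the typed password lingering in memory) can be closed in a few lines. The code below is an added example, not the original poster's program: the keystrokes come from a constructed string instead of getch() so it runs without a terminal, the input loop refuses to store more than cap-1 characters, the comparison visits every byte position regardless of where the first mismatch is, and the buffer is zeroed through a volatile pointer after the check. The function names are the example's own; the "secret" literal is kept only to mirror the thread and still sits in plaintext in the executable (hole 3 is not addressed here).

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <string>

// Bounded version of the getch() loop: '\b' erases, '\r' or '\n' ends input,
// and at most cap-1 characters are stored so the terminator always fits.
// Extra keystrokes are silently dropped. Requires cap >= 1.
std::size_t read_password_bounded(const std::string& keystrokes, char* buf, std::size_t cap) {
    std::size_t i = 0;
    for (char ch : keystrokes) {
        if (ch == '\b') {
            if (i > 0) buf[--i] = '\0';
        } else if (ch == '\n' || ch == '\r') {
            break;
        } else if (i + 1 < cap) {          // leave one byte for '\0'
            buf[i++] = ch;
        }
    }
    buf[i] = '\0';
    return i;
}

// Comparison with no early exit: the loop always runs to the longer length,
// reading a zero byte past the end of the shorter input, and OR-s every
// difference into one accumulator. Run time depends on the lengths only,
// not on the position of the first mismatch.
bool constant_time_equal(const char* a, std::size_t alen, const char* b, std::size_t blen) {
    const std::size_t n = std::max(alen, blen);
    unsigned int diff = (alen != blen) ? 1u : 0u;
    for (std::size_t i = 0; i < n; ++i) {
        const unsigned char ca = i < alen ? static_cast<unsigned char>(a[i]) : 0;
        const unsigned char cb = i < blen ? static_cast<unsigned char>(b[i]) : 0;
        diff |= static_cast<unsigned int>(ca ^ cb);
    }
    return diff == 0;
}

// Zero the whole buffer through a volatile pointer so the compiler cannot
// discard the stores as dead writes; afterwards the typed password is gone.
void secure_wipe(char* buf, std::size_t cap) {
    volatile char* p = buf;
    for (std::size_t i = 0; i < cap; ++i) p[i] = 0;
}

// Compare the typed buffer against the expected secret, then wipe the buffer
// whether or not the password matched. Works on the raw buffer so no extra
// std::string copy of the typed password is created.
bool check_and_wipe(char* typed, std::size_t cap, const std::string& expected) {
    std::size_t len = 0;
    while (len < cap && typed[len] != '\0') ++len;
    const bool ok = constant_time_equal(typed, len, expected.data(), expected.size());
    secure_wipe(typed, cap);
    return ok;
}

// Helper for verifying that a wipe actually happened.
bool buffer_is_zero(const char* buf, std::size_t cap) {
    for (std::size_t i = 0; i < cap; ++i)
        if (buf[i] != 0) return false;
    return true;
}

int main() {
    char buf[50];
    // Constructed keystrokes: a typo corrected with backspace, then Enter.
    read_password_bounded("secrex\bt\r", buf, sizeof buf);
    const bool ok = check_and_wipe(buf, sizeof buf, "secret");
    std::cout << (ok ? "correct" : "wrong") << '\n';
    return ok ? 0 : 1;
}
```

The comparison still reveals the length of the longer string through its loop count; comparing fixed-length digests of both values instead of the raw strings removes that too, and is also what "encrypt it" amounts to in practice for hole 3.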