Home
Search
 
What's New
Index
Books
Links
Q & A
Newsletter
Banners
 
Feedback
Tip Jar
 
C# Helper...
 
XML RSS Feed
Follow VBHelper on Twitter
 
 
 
MSDN Visual Basic Community
 
 
 
 
 
TitleGive a program a simple one-time password
DescriptionThis example shows how to give a program a simple one-time password in Visual Basic 6. The program stores the encrypted password in the registry. Later it looks it up and verifies that it correctly encodes the password.
Keywordspassword, cryptography, one-time password
CategoriesSoftware Engineering
 
When program starts, it looks for the encoded password in the Registry. If it finds a value, it compares it to a desired encoded password stored in the program.

If the two don't match, then the program prompts the user for a password. It encodes that password and sees if it matches the desired value. If it matches, the program saves the encoded password in the Registry.

Finally, if the program has a valid encoded password, it displays the main form. Otherwise it displays an error message.

 
' Make sure the user is authorized to run the
' program.
Public Sub main()

' This is the coded form of "thepassword"
Const WANTED_PASSWORD = "uifqbttxpse"

Dim coded_password As String
Dim plain_password As String

    ' See if the password is in the registry
    ' already.
    coded_password = GetSetting("PasswordChecker", _
        "Parameters", "Validation", "")
    
    If coded_password <> WANTED_PASSWORD Then
        ' The password is not saved. Ask for one.
        plain_password = InputBox("Enter password", _
            "PasswordChecker", "")
        coded_password = Encode(plain_password)
        
        ' If the password is correct, save it in
        ' the registry.
        If coded_password = WANTED_PASSWORD Then
            SaveSetting "PasswordChecker", _
                "Parameters", "Validation", _
                coded_password
        End If
    End If

    ' See if we got the password.
    If coded_password = WANTED_PASSWORD Then
        Form1.Show
    Else
        MsgBox "Invalid password.", vbOK, "Invalid Password"
    End If
End Sub

' Encode a text string by adding 1 to each letter.
Private Function Encode(plain_text As String) As String
Dim i As Integer
Dim ch As String
Dim coded_text As String

    For i = 1 To Len(plain_text)
        ch = Mid$(plain_text, i, 1)
        ch = Chr$(Asc(ch) + 1)
        If ch > "~" Then ch = " "
        coded_text = coded_text & ch
    Next i
    Encode = coded_text
End Function
 
The most important feature of this method is that the unencoded password is not saved in the Registry so the user cannot dig it out. He could find the encoded version and copy it to another computer's Registry but this should be good enough for many applications. You can also make the encoding method depend on the system's serial number or the program's serial number.
 
 
Copyright © 1997-2010 Rocky Mountain Computer Consulting, Inc.   All rights reserved.
  Updated