Create and change password in VB6

Please support our Visual Basic 4 / 5 / 6 advertiser: Programming Forums - DaniWeb Sister Site
Reply

Join Date: May 2008
Posts: 6
Reputation: jps447 is an unknown quantity at this point 
Solved Threads: 0
jps447 jps447 is offline Offline
Newbie Poster

Create and change password in VB6

 
0
  #1
Sep 25th, 2008
Hi,

I'm planning to create a login window where I can enter a username and password in visual basic 6. In this window, there are also options to create and change password. Can you help on how to do this? And also, how will the passwords be protected from other people who are not authorized to access? Thank you.
Reply With Quote Quick reply to this message  
Join Date: Aug 2008
Posts: 710
Reputation: Teme64 will become famous soon enough Teme64 will become famous soon enough 
Solved Threads: 115
Teme64's Avatar
Teme64 Teme64 is offline Offline
Master Poster

Re: Create and change password in VB6

 
0
  #2
Sep 25th, 2008
There's never a 100% secure solution.

First, do not store password in plain text. Use some hash function to calculate hashed value of the password and store this hashed value. Some methods are MD5, SHA1 or simple CRC32 etc. You'll find sample code with Google. So when the user gives his/her password, you calculate hash and compare calculated hash with the stored hash value, not the password itself.

Second, where to store hashed passwords? Do you use some database to store them? If you have only one user who's allowed to access, you can store hashed password in registry. Of course, it can be removed from there. Another solution, and quite feasible today, is to store it in a file in USB memory stick. Then user requires both USB stick and the USB stick must contain hashed password in a file.

I won't give here the actual code for password prompt dialog and password change dialog. They are quite straightforward to implement, but I'll give help with them if needed.
Teme64 @ Windows Developer Blog
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 501
Reputation: abu taher is an unknown quantity at this point 
Solved Threads: 25
abu taher's Avatar
abu taher abu taher is offline Offline
Posting Pro

Re: Create and change password in VB6

 
0
  #3
Sep 25th, 2008
Try it.
Attached Files
File Type: zip Login_UsingRegistry.zip (2.9 KB, 54 views)
Reply With Quote Quick reply to this message  
Join Date: May 2008
Posts: 6
Reputation: jps447 is an unknown quantity at this point 
Solved Threads: 0
jps447 jps447 is offline Offline
Newbie Poster

Re: Create and change password in VB6

 
0
  #4
Sep 25th, 2008
Originally Posted by abu taher View Post
Try it.
Thanks for the attached file. Actually, I have that file already. In this file, isn't you can only change the password by changing it to the registry? What I want to know is how to change it during run time. For example, I want to add a command button which function is to change the password.
Reply With Quote Quick reply to this message  
Join Date: May 2008
Posts: 6
Reputation: jps447 is an unknown quantity at this point 
Solved Threads: 0
jps447 jps447 is offline Offline
Newbie Poster

Re: Create and change password in VB6

 
0
  #5
Sep 25th, 2008
Originally Posted by Teme64 View Post
There's never a 100% secure solution.

First, do not store password in plain text. Use some hash function to calculate hashed value of the password and store this hashed value. Some methods are MD5, SHA1 or simple CRC32 etc. You'll find sample code with Google. So when the user gives his/her password, you calculate hash and compare calculated hash with the stored hash value, not the password itself.

Second, where to store hashed passwords? Do you use some database to store them? If you have only one user who's allowed to access, you can store hashed password in registry. Of course, it can be removed from there. Another solution, and quite feasible today, is to store it in a file in USB memory stick. Then user requires both USB stick and the USB stick must contain hashed password in a file.

I won't give here the actual code for password prompt dialog and password change dialog. They are quite straightforward to implement, but I'll give help with them if needed.
I'm quite confuse to the hash function you mention. Please give me specific example on how to do this? Thank you
Reply With Quote Quick reply to this message  
Join Date: Aug 2008
Posts: 710
Reputation: Teme64 will become famous soon enough Teme64 will become famous soon enough 
Solved Threads: 115
Teme64's Avatar
Teme64 Teme64 is offline Offline
Master Poster

Re: Create and change password in VB6

 
0
  #6
Sep 26th, 2008
Ok. I've ripped this partly from my app which is written in VB.NET not VB6 and the rest is sort of "pseudo code". So, you'll need in VB6 a) MD5-funtion and b) a way to convert string to bytes. You'll find VB6 code for that with Google (I did some 10 yrs ago

First, user enters initial password:

VB.NET Syntax (Toggle Plain Text) 
  1. Imports System.Security.Cryptography
  2.  
  3. Private Sub CalculateMD5(ByVal BytesIn() As Byte, ByRef ResultMD5() As Byte)
  4.   '
  5.   ' Calculate MD5 for bytes
  6.   Dim ProvMD5 As MD5
  7.  
  8.   Try
  9.     ProvMD5 = MD5CryptoServiceProvider.Create()
  10.     ProvMD5.Initialize()
  11.     ResultMD5 = ProvMD5.ComputeHash(BytesIn)
  12.     ProvMD5.Clear()
  13.   Catch ex As Exception
  14.     ' Handle error
  15.   End Try
  16.  
  17. End Sub
  18.  
  19. Private Function MD5ToString(ByVal BytesIn() As Byte) As String
  20.   '
  21.   ' Return MD5 as a hex string
  22.   Dim UBits As Integer
  23.   Dim LBits As Integer
  24.   Dim TempStr As String
  25.   Dim i As Integer
  26.  
  27.   Try
  28.     TempStr = ""
  29.     For i = 0 To BytesIn.GetUpperBound(0)
  30.       UBits = (BytesIn(i) And 240) >> 4
  31.       LBits = (BytesIn(i) And 15)
  32.       TempStr = TempStr & String.Format("{0:x}", UBits)
  33.       TempStr = TempStr & String.Format("{0:x}", LBits)
  34.     Next i
  35.     Return TempStr
  36.   Catch ex As Exception
  37.     ' Handle error
  38.     Return ""
  39.   End Try
  40.  
  41. End Function

Get a password from the user, calculate hash and store hash.

VB.NET Syntax (Toggle Plain Text) 
  1. Imports System.Text
  2.  
  3. Dim StringData As String
  4. Dim ByteData() as Byte
  5. Dim ResultHash() As Byte
  6. Dim HashedPwString As String
  7.  
  8. ' Get password to StringData and convert to bytes
  9. ByteData = Encoding.Default.GetBytes(StringData)
  10. ' Hash it
  11. CalculateMD5(ByteData, ResultHash)
  12. ' Make a string from bytes, you could use also Encoding.Default.GetString()
  13. HashedPwString = MD5ToString(ResultHash)
  14. ' Now, store HashedPwString to somewhere!

How to compare hashes:
Use the same code as above to (prompt password) and calculate HashedPwString from it. Then compare:

Visual Basic 4 / 5 / 6 Syntax (Toggle Plain Text) 
  1. Dim StoredHash As String
  2. ' Read StoredHash from somewhere
  3. If HashedPwString = StoredHash Then
  4.   ' Yes the passwords are the same
  5. Else
  6.   ' No match, kindly tell the user to re-enter password. Or just kick him out
  7. End If

Here's a one MD5 code (in VB6) http://www.di-mgt.com.au/crypto.html#MD5 but I haven't tried it myself. That code seems(?) to get strings as parameter so you do not need string->byte->string conversions. Just rewrite CalculateMD5() with the VB6 code (from that link).

BTW. If you use VB.NET, you can change MD5 -> SHA1 and get a slightly better hashes.
Teme64 @ Windows Developer Blog
Reply With Quote Quick reply to this message  
Join Date: May 2008
Posts: 6
Reputation: jps447 is an unknown quantity at this point 
Solved Threads: 0
jps447 jps447 is offline Offline
Newbie Poster

Re: Create and change password in VB6

 
0
  #7
Sep 26th, 2008
Originally Posted by Teme64 View Post
Ok. I've ripped this partly from my app which is written in VB.NET not VB6 and the rest is sort of "pseudo code". So, you'll need in VB6 a) MD5-funtion and b) a way to convert string to bytes. You'll find VB6 code for that with Google (I did some 10 yrs ago

First, user enters initial password:

VB.NET Syntax (Toggle Plain Text) 
  1. Imports System.Security.Cryptography
  2.  
  3. Private Sub CalculateMD5(ByVal BytesIn() As Byte, ByRef ResultMD5() As Byte)
  4.   '
  5.   ' Calculate MD5 for bytes
  6.   Dim ProvMD5 As MD5
  7.  
  8.   Try
  9.     ProvMD5 = MD5CryptoServiceProvider.Create()
  10.     ProvMD5.Initialize()
  11.     ResultMD5 = ProvMD5.ComputeHash(BytesIn)
  12.     ProvMD5.Clear()
  13.   Catch ex As Exception
  14.     ' Handle error
  15.   End Try
  16.  
  17. End Sub
  18.  
  19. Private Function MD5ToString(ByVal BytesIn() As Byte) As String
  20.   '
  21.   ' Return MD5 as a hex string
  22.   Dim UBits As Integer
  23.   Dim LBits As Integer
  24.   Dim TempStr As String
  25.   Dim i As Integer
  26.  
  27.   Try
  28.     TempStr = ""
  29.     For i = 0 To BytesIn.GetUpperBound(0)
  30.       UBits = (BytesIn(i) And 240) >> 4
  31.       LBits = (BytesIn(i) And 15)
  32.       TempStr = TempStr & String.Format("{0:x}", UBits)
  33.       TempStr = TempStr & String.Format("{0:x}", LBits)
  34.     Next i
  35.     Return TempStr
  36.   Catch ex As Exception
  37.     ' Handle error
  38.     Return ""
  39.   End Try
  40.  
  41. End Function

Get a password from the user, calculate hash and store hash.

VB.NET Syntax (Toggle Plain Text) 
  1. Imports System.Text
  2.  
  3. Dim StringData As String
  4. Dim ByteData() as Byte
  5. Dim ResultHash() As Byte
  6. Dim HashedPwString As String
  7.  
  8. ' Get password to StringData and convert to bytes
  9. ByteData = Encoding.Default.GetBytes(StringData)
  10. ' Hash it
  11. CalculateMD5(ByteData, ResultHash)
  12. ' Make a string from bytes, you could use also Encoding.Default.GetString()
  13. HashedPwString = MD5ToString(ResultHash)
  14. ' Now, store HashedPwString to somewhere!

How to compare hashes:
Use the same code as above to (prompt password) and calculate HashedPwString from it. Then compare:

Visual Basic 4 / 5 / 6 Syntax (Toggle Plain Text) 
  1. Dim StoredHash As String
  2. ' Read StoredHash from somewhere
  3. If HashedPwString = StoredHash Then
  4.   ' Yes the passwords are the same
  5. Else
  6.   ' No match, kindly tell the user to re-enter password. Or just kick him out
  7. End If

Here's a one MD5 code (in VB6) http://www.di-mgt.com.au/crypto.html#MD5 but I haven't tried it myself. That code seems(?) to get strings as parameter so you do not need string->byte->string conversions. Just rewrite CalculateMD5() with the VB6 code (from that link).

BTW. If you use VB.NET, you can change MD5 -> SHA1 and get a slightly better hashes.
Thank you for the information Actually, I'm not familiar yet in VB.net that's why I only ask on VB6. Maybe I'll just study on how to use VB.net so I can use the codes you gave to me. How can I have VB.net?
Reply With Quote Quick reply to this message  
Join Date: Aug 2008
Posts: 710
Reputation: Teme64 will become famous soon enough Teme64 will become famous soon enough 
Solved Threads: 115
Teme64's Avatar
Teme64 Teme64 is offline Offline
Master Poster

Re: Create and change password in VB6

 
0
  #8
Sep 26th, 2008
Actually you can do it with VB6 (I did a long time ago). All you need is that MD5 algorithm written in VB6, for which I gave a link. VB.NET has these things "built-in" ie. they are part of .NET Framework.

If you want to go for VB.NET, there are free Express Editions (EE) for learning purposes. VB.NET 2005 can be downloaded from http://www.microsoft.com/express/2005/ and it comes with SQL Server 2005 Express Edition. There's also EEs for C# etc.

VB.NET 2005 EE works with .NET Framework 2.0. Latest .NET Framework is 3.5 and if you want to jump straight to it, download VB.NET 2008. 3.5 contains a lot more bells and whistles. I still stick with 2.0 because I have a large code base written for it and I don't currently have time to learn new things that come with 3.5 and VB.NET 2008.

There are a few restrictions with EEs compared to the commercial Visual Studio products. For example, you may not use EE for compiling commercial products. So read the End User License Agreement carefully, but you would do that anyway, wouldn't you
Teme64 @ Windows Developer Blog
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the Visual Basic 4 / 5 / 6 Forum


Views: 4063 | Replies: 7
Thread Tools Search this Thread



Tag cloud for Visual Basic 4 / 5 / 6
* 6 429 2007 access activex add age append application basic beginner birth bmp c++ calculator cd cells.find click client code college column component connection connectionproblemusingvb6usingoledb copy creat ctrl+f data database datareport date delete dissertations dissertationthesis dissertationtopic edit error excel excelmacro file filename form hardware header iamthwee image inboxinvb internetfiledownload keypress label listbox listview liveperson login looping machine microsoft movingranges objectinsert open oracle password prime program prompt range-objects readfile reading record refresh remotesqlserverdatabase report retrieve save search sendbyte sites sort sql sql2008 sqlserver struct table tags textbox time timer urldownloadtofile vb vb6 vb6.0 vba visual visualbasic visualbasic6 web window windows
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC