954,479 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?

C Password Program

0
By Mathias Van Malderen on Jun 25th, 2009 11:14 pm

One of the things which attracted my attention was that there are often newbies asking how to create a password program in C/C++, often they don't succeed, well here's my response, you can use it for any purpose you want, one thing you'll have to keep in mind is that this code will only work on compilers which support conio.h, I know that it's actually a bad habit to make use of this "library", but most of the newbies which are searching for code like this are always using a compiler which supports it, so I guess that won't be a big problem.
As compiler to compile this code I used MinGW.
(The world's best open source compiler for Windows)
You can get the command line compiler from the site, however if you're new to
C/C++ then I would rather suggest you to go and get an IDE featuring the MinGW compiler: Code::Blocks is a very good one, also often used is the Dev-C++ IDE, but there's on major disadvantage of Dev-C++: The source code editor of the IDE isn't being updated anymore (however you can still use it with the newest MinGW compiler, that would be no problem)

#include <stdio.h>
#include <string.h>
#include <conio.h>

int main()
{
    char buffer[256] = {0};
    char password[] = "password";
    char c;
    int pos = 0;
    
    printf("%s", "Enter password: ");
    do {
        c = getch();
        
        if( isprint(c) ) 
        {
            buffer[ pos++ ] = c;
            printf("%c", '*');
        }
        else if( c == 8 && pos )
        {
            buffer[ pos-- ] = '\0';
            printf("%s", "\b \b");
        }
    } while( c != 13 );
    
    if( !strcmp(buffer, password) )
        printf("\n%s\n", "Logged on succesfully!");
    else
        printf("\n%s\n", "Incorrect login!");

    return 0;
}
2 Years Ago
0

Bug Fix!
Change:
buffer[ pos<strong>--</strong> ] = '\0';
to: buffer[ <strong>--</strong>pos ] = '\0';
:)

tux4life
Nearly a Posting Maven
2,350 posts since Feb 2009
Reputation Points: 2,134
Solved Threads: 243
 
2 Years Ago
0

Code Improvement!
It might be a good practice to change the loop's condition,
from:
while( c != 13 );
to: while( c != 13 && pos < 256);
as this will avoid to go over the bounds of the buffer.
:)

tux4life
Nearly a Posting Maven
2,350 posts since Feb 2009
Reputation Points: 2,134
Solved Threads: 243
 
2 Years Ago
0

If you pretend this to be valid C++ totally FAIL.

Asafe
Newbie Poster
24 posts since Jul 2009
Reputation Points: 10
Solved Threads: 3
 
2 Years Ago
0

>If you pretend this to be valid C++ totally FAIL.
Well, in fact this is all valid C++, with the minor exception that I used an unportable library, but does that make it invalid C++ code?
The code is not standard C++ (but that's only because I used the conio library).
BTW, I posted this snippet in the C section of code snippets and not in the C++ section, but it should work on most C++ compilers as well (as long as they support conio.h).
When you intend to compile this code on a C++ compiler, then you should of course change the include directives to include the new-style headers, because most compilers only provide the old-style headers for backwards compatibility and because therefore they're not standard.
And if you want, you can always use the C++ iostream class library for I/O.
But remember that my intention was that it is C code in the first place.
Well, I would like to see you how you would do it in Standard (valid) C++.

tux4life
Nearly a Posting Maven
2,350 posts since Feb 2009
Reputation Points: 2,134
Solved Threads: 243
 
2 Years Ago
0

In case you didn't know this isn't very secure. It is possible to find the hard coded password simply by analyzing the compiled binary file. Like so:
cat password
gives something like:

US=u@-X9sB9r[]Ív'Utt	$ÐL$qUWQ0DžrDž@DžpassDžwordƅED$P$aUE}`~&}z UuD$$)uD$h$D$$0Y_]aÐU]Ít&'UWVSO

it not as plain as day but you can see the hard coded password there. Using a hex editor it would be even easier to read it.

If you want real security it needs to be encrypted using sha1 or some other scheme.

superdav42
Newbie Poster
2 posts since Aug 2009
Reputation Points: 10
Solved Threads: 0
 
2 Years Ago
0

First of all: my intention was to write a program which just lets the user enter a password, while displaying an asterisk for each character entered (correction through backspace allowed).

However you're right in saying that this program is not secure, because the password is hardcoded, but it was never my intention that my program would be used as it's displayed here for 'serious' programs.
I included a variable, which contains a hardcoded password, with the only purpose to be able to demonstrate this little program.

People here are free to copy my code and modify it according to their needs, if they want to enhance security by using hashed passwords, that's okay.

Using hashing, you'll have to do something like this in general:Get the hashed password.
Get the user entered password.
Hash the password entered by the user and compare it to the hashed (correct) password.
If the comparison yields true, then log the user in.

tux4life
Nearly a Posting Maven
2,350 posts since Feb 2009
Reputation Points: 2,134
Solved Threads: 243
 
1 Year Ago
0

it helps me, thank you

Kenclozand3
Newbie Poster
1 post since Jul 2010
Reputation Points: 10
Solved Threads: 0
 
1 Year Ago
Show Comments
-1

It help but you must include header file ctype.h

Noel Malle
Newbie Poster
1 post since May 2011
Reputation Points: 10
Solved Threads: 0
 
1 Year Ago
Show Comments
1

Hey nice password program.
I did not tried this before.
but i want that when user inputs the password then user must see * instead of actual chars.
How can I? :P

yashsaxena
Light Poster
35 posts since Nov 2010
Reputation Points: 9
Solved Threads: 1
 
7 Months Ago
0

Thanks for the above program
now i am safe with my programs
thank you very much for the owner
if you need any help contact me...

aravindanne
Newbie Poster
3 posts since Oct 2011
Reputation Points: 10
Solved Threads: 0
 
2 Months Ago
0

Hy! I'm sorry that i revive this topic but i have a problem with this code! I added a do{ } while so that i can reenter the password again if it's typed incorrect.Now if i type the password correctly for the first time it works, but if i typed wrong then correct it sais that the password is wrong. Why?

#include <stdio.h>
#include <string.h>
#include <conio.h>
#include <ctype.h>

int main()
{
char buffer[256] = {0};
char password[] = "password";
char c;
int pos = 0,k=0;

do{           //start 
printf("%s", "Enter password: ");

do {
    c = getch();
    if( isprint(c) )
{
    buffer[ pos++ ] = c;
    printf("%c", '*');
}

else if( c == 8 && pos )

{
    buffer[ --pos ] = '\0';
    printf("%s", "\b \b");
}

} while( c != 13 && pos < 256);

if( !strcmp(buffer, password) )

{   k=1;
    printf("\n%s\n", "Logged on succesfully!");

}
else

{   printf("\n%s\n", "Incorrect login!");
    k=0;
}

} while(k==0);

return 0;

}
Adytzu04
Newbie Poster
2 posts since Mar 2012
Reputation Points: 0
Solved Threads: 0
 
2 Months Ago
0

Reformat your code so we can tell wht statements go with what DO loop.

WaltP
Posting Sage w/ dash of thyme
Moderator
10,505 posts since May 2006
Reputation Points: 3,348
Solved Threads: 944
 
2 Months Ago
0

After lie 13 set pos = 0

Ancient Dragon
Retired & Loving It
Team Colleague
30,049 posts since Aug 2005
Reputation Points: 5,662
Solved Threads: 2,343
 
2 Months Ago
0

thx for answers! I've been able to make it work by making it into a function then accesing it from main with a loop

Adytzu04
Newbie Poster
2 posts since Mar 2012
Reputation Points: 0
Solved Threads: 0
 

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed