startup handler

[Bob Sneidar]

Hi Mark. I get the password clear, then unencrypt the stored password and check it against the entered one. After I am done I delete the variables. It's probably not the best way security wise, but it allows me to pick my own encryption method. Someone would have to find a way to stop the app mid execution and do a memory dump to get the password in it's unencrypted state. I use aes128 with a seed value unique to each password record. That seems pretty secure to me. Not sure if the full encryption library is available to the iOS app tho'. 

Bob


On Nov 28, 2011, at 10:05 PM, Mark Smith wrote:

> 
> J. Landman Gay wrote
>> 
>> On 11/28/11 10:15 PM, Mark Smith wrote:
>> 
>>> Now, before I begin, both the stack in the IDE and tested on the iPhone
>>> simulator report the encrypted pw as \VUw|1,A   so, no difference there.
>> 
>> I get a difference.
>> 
> 
> Thank you (once again). Your testing was more thorough. When I said I did
> not get a difference I meant when I read the value from the custom property
> (cpassword) on iOS and desktop it was the same ie. was still encrypted. It
> never occurred to me to test the *new* password that was being generated
> (duh!!) until I saw your message and put  2 n' 2 together. I also get an
> un-encrypted montreal on iOS. 
> 
> I'll report it as a problem.
> 
> I know the big yellow banner at the top of my screen says don't waste space
> saying thanks. So I won't :-)
> 
> 
> --
> View this message in context: http://runtime-revolution.278305.n4.nabble.com/startup-handler-tp4117800p4118166.html
> Sent from the Revolution - User mailing list archive at Nabble.com.
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode