Question about "that thing you key in that's not a user name when you're logging in"

Bob Sneidar bobsneidar at iotecdigital.com
Wed Dec 30 18:52:40 EST 2015


What I do (and I have seen this in other login systems apart from LC) is I have a User Name field and a Login button. When clicked it will check a database of user names and balk if it cannot find the user. It then uses Ask Password, encrypts it using a seed value only I know, compares it with the stored encrypted value, and proceeds or declines based on if it matches.

Bob S

On Dec 30, 2015, at 15:04 , J. Landman Gay <jacque at hyperactivesw.com<mailto:jacque at hyperactivesw.com>> wrote:

On 12/30/2015 5:18 AM, Richmond wrote:
one thing that is very odd is 'mcEncrypt';

firstly because it maybe the only thing in LiveCode that
betrays LiveCode's ancestry in MetaCard,

It was part of the original MC 1.0 and was used only internally to encrypt the entry from an ask dialog. The encrypted form was returned to the script. There was no way to obtain the original unencrypted text entry.

and

secondly because the Documentation (7.1) tells us
nothing beyond that it is 'Reserved for internal use'.

That 'Reserved' is all jolly well and good, but made
me feel a bit strange having read the entry for

"ask p_assword" [there's another way of getting round things, even if,
for Americans,
it might seem a bit 'fruity']

where it says:

'get mcEncrypt(it)'

At some point the dialog behavior changed and the engine now returns only the raw text. It is now necessary for the script rather than the engine to handle the encryption if that's desired. When the behavior changed, mcEncrypt was made public and put into the dictionary.

--
Jacqueline Landman Gay         |     jacque at hyperactivesw.com<mailto:jacque at hyperactivesw.com>
HyperActive Software           |     http://www.hyperactivesw.com<http://www.hyperactivesw.com/>




More information about the use-livecode mailing list