Clever Geek Handbook

Password encryption

I was able to do a simple encryption of the entered password using the following code, which then displays the encrypted password in the header of the labels,

procedure TfrmLogin.edtAddPasswordClick(Sender: TObject);
var
  NormalPassword, EncryptedPassword: string;
  PasswordChar: Char;
  EncryptedCharValue: string;
  CharPtr: Integer;
  Ptr, n: Integer;
begin
  NormalPassword := Edit1.text;
  EncryptedPassword := '';
  for CharPtr := 1 to Length(NormalPassword) do
  begin
    PasswordChar := NormalPassword[CharPtr];
    EncryptedCharValue := IntToStr (Ord(PasswordChar) * 5 + 14);
    EncryptedPassword := EncryptedPassword + EncryptedCharValue;
    Label1.Caption := EncryptedPassword;
  end;
end;

The problem is that I would like to convert the encrypted password displayed in label1.caption back to the original form on a click of another button, and I cannot figure out how this can be done. any suggestions?

+3


source to share


5 answers


Instead of creating your own algorithm for hashing (or encrypting) the password, try using a tried and true algorithm like SHA1, MD5, etc.

Coming back to your question, to convert the encrypted value to the original one, all you have to do is reverse your algorithm, try this sample.



var
  NormalPassword, EncryptedPassword: String;
  PasswordChar : char;
  EncryptedCharValue : String;
  CharPtr : Integer;
begin
  NormalPassword    :='';
  EncryptedPassword := Label1.Caption; //here is stored the encrypted password
  CharPtr := 1;
  while CharPtr< length(EncryptedPassword) do
    Begin
      EncryptedCharValue:=Copy(EncryptedPassword, CharPtr, 3);
      Inc(CharPtr, 3);
      PasswordChar     := Chr((StrToint(EncryptedCharValue)-14) div 5);
      NormalPassword  :=NormalPassword+ PasswordChar;
    end;
    Label2.Caption := NormalPassword; 
end;
+6


source


I know this is for homework and the idea is to get the reverse code and others give you too many details for this purpose, but I need to give this as an answer because its concept is too important to say in a note :

If you're really talking about a password, you shouldn't make the password reversible. Users expect their passwords to be safe and secure, and not reversible.



If the reason you want to do this is because you want to send them your password if they forget about it, then there will be no answer.

When a person loses or forgets their password, you should not provide it to them, because this proves that it is not secure. Instead, the right thing to do is to make sure they are the user who signed up (via email or other means), then allow them to enter a new password of their choice.

+4


source


If you choose to do it the way you described, you can make it reversible by changing the line:

EncryptedCharValue := IntToStr (Ord(PasswordChar) * 5 + 14);

to

EncryptedCharValue := format('%.4d', [Ord(PasswordChar) * 5 + 14]);

This would allow you to later align the string in four-character chunks, subtract 14, divide by 5, and revert back to character. I'm sticking with my earlier comment, though - if you do have a use case that requires reversible security, use a stronger algorithm, like the one discussed in this question .

[Edit: four characters are clearly more reliable]

+2


source


You are using a very simple hashing algorithm that cannot be reversed. It doesn't make sense to store passwords in such a way that they can be reversed as it does not add an extra layer of security (other than using a complex scheme based on asymmetric encryption)

+1


source


simple hashing algorithm: How to delete a row with Delphi?

hash with secret key algorithm (CRAM, HMac): HMAC-SHA256 in Delphi

0


source






More articles:


All Articles