cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • New to JMP? Join us Sept. 23-24 for the Early User Edition of Discovery Summit, tailor-made for new users. Register now for free!
  • Use World Cup data to build models, explore spatial relationships, and create informative visualizations in JMP. Register. July 17, 2 pm US Eastern Time.
  • Your voice matters! Tell us how you prefer to receive JMP updates, so we can tailor our communication to your needs. Take short survey.

Discussions

Solve problems, and share tips and tricks with other JMP users.
Choose Language Hide Translation Bar
vince_faller
Super User (Alumni)

save passwords securely

Does anyone have a secure way to store passwords so users don't have to enter their password every time?  

I don't want to just store the password as plain text in a preferences file or anything like that.  

 

Names default to here(1);
nw = new window("Login", 
	lineupbox(ncol(2), 
		textbox("Username"), teb_uid = texteditbox("Vincent", <<Set Width(200)), 
		textbox("Password"), teb_pwd = texteditbox("thisisapassword", <<Width(200), <<Password Style(1))
	), 
	cb_save = checkbox({"Remember Me"}), 
	buttonbox("OK", 
		uid = teb_uid << Get Text();
		pwd = teb_pwd << Get Text();
		nw << close window();
	)
);

Vince Faller - Predictum
12 REPLIES 12
ih
Super User (Alumni) ih
Super User (Alumni)

Re: save passwords securely

On Windows I believe this code could be re-created with JSL and the command line to interact with the windows credential manager, could be wrong.  Maybe someday I will take this on; sharing it here in case someone else figures it out first. :)

 

#include <windows.h>
#include <wincred.h>
#include <tchar.h>
#pragma hdrstop

void main ()
{
    { //--- SAVE
        char* password = "brillant";        DWORD cbCreds = 1 + strlen(password);
        CREDENTIALW cred = {0};        cred.Type = CRED_TYPE_GENERIC;        cred.TargetName = L"FOO/account";        cred.CredentialBlobSize = cbCreds;        cred.CredentialBlob = (LPBYTE) password;        cred.Persist = CRED_PERSIST_LOCAL_MACHINE;        cred.UserName = L"paula";
        BOOL ok = ::CredWriteW (&cred, 0);        wprintf (L"CredWrite() - errno %d\n", ok ? 0 : ::GetLastError());
        if (!ok) exit(1);
    }
    { //--- RETRIEVE        PCREDENTIALW pcred;        BOOL ok = ::CredReadW (L"FOO/account", CRED_TYPE_GENERIC, 0, &pcred);        wprintf (L"CredRead() - errno %d\n", ok ? 0 : ::GetLastError());
        if (!ok) exit(1);        wprintf (L"Read username = '%s', password='%S' (%d bytes)\n", 
                 pcred->UserName, (char*)pcred->CredentialBlob, pcred->CredentialBlobSize);
        // must free memory allocated by CredRead()!
        ::CredFree (pcred);
    }
}

From kkm here:

https://stackoverflow.com/questions/9221245/how-do-i-store-and-retrieve-credentials-from-the-windows...

ih
Super User (Alumni) ih
Super User (Alumni)

Re: save passwords securely

Here is a version that uses an available module in powershell, maybe that is an option?

 

Names default to here(1);

loadmodule = "
		if (!(Get-Module -ListAvailable -Name CredentialManager)) {
			Install-Module CredentialManager -force -Scope CurrentUser
		}
		";


//Function to run command in powershell, strips trailing line breaks
RunPowershell = Function( {command},
	Regex(RunProgram(
		Executable( "powershell.exe" ),
		Options( {"/c", command } ),
		ReadFunction( "text" )
	), "^(.*?)[\r\n]+$", "\1")
);


// Set password
SetPass = Function( {target,user,pass},
	RunPowershell(
		"$target = '" || target || "'
		$usr = '" || user || "'
		$pswd = '" || pass || "'
		" || loadmodule || "
		New-StoredCredential -Target $target -UserName $usr -Password $pswd"
	);
	1; //password is returned as free text, don't return the response
);

// Get password
GetPass = Function( {target},
	RunPowershell(
		"$target = '" || target || "'
		" || loadmodule || "
		$creds = Get-StoredCredential -Target $target

		$creds.GetNetworkCredential().Password"
	)
);

// Get username
GetUser = Function( {target},
	RunPowershell(
		"$target = '" || target || "'
		" || loadmodule || "
		$creds = Get-StoredCredential -Target $target

		$creds.GetNetworkCredential().UserName"
	)
);

// Set and retrieve credentials
SetPass("testcredential", "myusername3", "mypassword3");
GetPass("testcredential");
GetUser("testcredential");

//You can delete these test credentials using the 'windows credential store'.
David_Burnham
Super User (Alumni)

Re: save passwords securely

I take an obfuscation-style route.  I convert characters to numbers, then feed these numbers into a mathematical formula to generate an 'encrypted' representation. 

 

I tend to use the technique more for software license codes rather than user passwords.  So I will take a product name or code combined with site ID information, plus an expiry date,  build a numeric representation and parse that through a complex mathematical formula: the final output might be something like 1143932720966.  

-Dave

Recommended Articles