Jump to content




[V4.1 COMING!] LoganDark's Password Lock

computer turtle pocket

115 replies to this topic

#21 ry00000

  • Members
  • 244 posts
  • LocationComputer, Base, SwitchCraft, Cube-earth, Blockiverse, Computer

Posted 22 March 2016 - 05:23 PM

I under-estimated SHA. MD5 is a lot easier. Please use COMMON words, and not words like "ghsiejsogjrisie234tkdksowajsk" which isn't even a word.

#22 Creator

    Mad Dash Victor

  • Members
  • 2,168 posts
  • LocationYou will never find me, muhahahahahaha

Posted 22 March 2016 - 05:25 PM

View Postry00000, on 22 March 2016 - 05:23 PM, said:

I under-estimated SHA. MD5 is a lot easier. Please use COMMON words, and not words like "ghsiejsogjrisie234tkdksowajsk" which isn't even a word.

Why not? My password can very well be "ghsiejsogjrisie234tkdksowajsk".

#23 Anavrins

  • Members
  • 775 posts

Posted 22 March 2016 - 06:49 PM

View Postry00000, on 22 March 2016 - 05:23 PM, said:

I under-estimated SHA. MD5 is a lot easier. Please use COMMON words, and not words like "ghsiejsogjrisie234tkdksowajsk" which isn't even a word.
Please stop...

Edited by Anavrins, 22 March 2016 - 07:11 PM.


#24 Luca_S

  • Members
  • 407 posts
  • LocationGermany

Posted 22 March 2016 - 07:25 PM

View Postry00000, on 22 March 2016 - 05:23 PM, said:

I under-estimated SHA. MD5 is a lot easier. Please use COMMON words, and not words like "ghsiejsogjrisie234tkdksowajsk" which isn't even a word.

Please choose one of these 3 Passwords:

1. lolcatzwillruletheworld
2. mypasswordissolongitisuncrackable
3. ihavenoideawhattowritehere

And tell me the sha256 hash of it. I bet I can crack it in 5 seconds.

#25 apemanzilla

  • Members
  • 1,421 posts

Posted 22 March 2016 - 08:21 PM

View Postry00000, on 22 March 2016 - 05:23 PM, said:

I under-estimated SHA. MD5 is a lot easier. Please use COMMON words, and not words like "ghsiejsogjrisie234tkdksowajsk" which isn't even a word.

Well, you said SHA. There's a reason MD5 hasn't been used for passwords for several years at this point...

#26 Luca_S

  • Members
  • 407 posts
  • LocationGermany

Posted 23 March 2016 - 08:39 AM

View PostLoganDark, on 17 March 2016 - 07:32 AM, said:

View PostLDDestroier, on 17 March 2016 - 01:56 AM, said:

View PostLoganDark, on 17 March 2016 - 12:58 AM, said:

What are you talking about, too many sleep() calls?

Lines 233, 248, 252. It's kinda annoying waiting two seconds to get to the shell.

If there were no sleep calls there, the user wouldn't be able to read the text.

Edit: The user might want to know what's going on if they're suddenly asked for the password again.

You don't actually need the sleep at 248.

Edited by Luca_S, 23 March 2016 - 08:44 AM.


#27 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 24 March 2016 - 06:32 AM

View PostLuca_S, on 23 March 2016 - 08:39 AM, said:

View PostLoganDark, on 17 March 2016 - 07:32 AM, said:

View PostLDDestroier, on 17 March 2016 - 01:56 AM, said:

View PostLoganDark, on 17 March 2016 - 12:58 AM, said:

What are you talking about, too many sleep() calls?

Lines 233, 248, 252. It's kinda annoying waiting two seconds to get to the shell.

If there were no sleep calls there, the user wouldn't be able to read the text.

Edit: The user might want to know what's going on if they're suddenly asked for the password again.

You don't actually need the sleep at 248.
Good point. I'll consider it when making the next version.

#28 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 29 March 2016 - 02:58 PM

Comments below were posted after version 3 of my password lock had been released.

To view comments for the most recent version of my system, click here.

Edited by LoganDark, 17 May 2016 - 08:18 PM.


#29 Lyqyd

    Lua Liquidator

  • Moderators
  • 8,465 posts

Posted 29 March 2016 - 04:39 PM

Threads merged. Please stick to one topic per program. Feel free to edit the first post and topic title.

#30 LDDestroier

  • Members
  • 1,095 posts
  • LocationACDC Town

Posted 29 March 2016 - 05:59 PM

I think the lock is pretty good. It's certainly more animated than the previous version, even when hashing (which, wouldn't that make it take longer to hash, slightly?)

But mine looks better!!!

#31 Anavrins

  • Members
  • 775 posts

Posted 29 March 2016 - 06:16 PM

That's an interesting approach to salting I gotta say :P
Looks nice and simple, the only comments I have is about the SHA2 code, you can make the whole process faster by
using my implementation of it, however if you want to stick with GravScore's one, I'd suggest fixing the bug I mentioned in his thread
Spoiler

Edited by Anavrins, 29 March 2016 - 06:17 PM.


#32 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 29 March 2016 - 06:27 PM

View PostLDDestroier, on 29 March 2016 - 05:59 PM, said:

I think the lock is pretty good. It's certainly more animated than the previous version, even when hashing (which, wouldn't that make it take longer to hash, slightly?)

But mine looks better!!!

Nice space link.

#33 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 29 March 2016 - 06:34 PM

View PostAnavrins, on 29 March 2016 - 06:16 PM, said:

That's an interesting approach to salting I gotta say :P/>/>
Looks nice and simple, the only comments I have is about the SHA2 code, you can make the whole process faster by
using my implementation of it, however if you want to stick with GravScore's one, I'd suggest fixing the bug I mentioned in his thread
Spoiler
Fixed

Edit: Wanna know a cool fact? The salting seed (that seemingly random jumble of letters and numbers) is the full alphabet in uppercase and lowercase, scrambled beyond recognition with 1234567890 salt (get it? nvm) on top.

Edited by LoganDark, 29 March 2016 - 06:45 PM.


#34 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 01 April 2016 - 02:30 PM

[edit: sorry, quoted wrong post]

View PostLDDestroier, on 29 March 2016 - 05:59 PM, said:

I think the lock is pretty good. It's certainly more animated than the previous version, even when hashing (which, wouldn't that make it take longer to hash, slightly?)

But mine looks better!!!

Funny, I was playing Portal 2.

"HOW'S YOUR DAY, BECAUSE I'M A POTATO!" - GLaDOS pecked by birds.

Edited by LoganDark, 02 April 2016 - 12:02 AM.


#35 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 05 April 2016 - 05:30 PM

View PostLDDestroier, on 29 March 2016 - 05:59 PM, said:

I think the lock is pretty good. It's certainly more animated than the previous version, even when hashing (which, wouldn't that make it take longer to hash, slightly?)

But mine looks better!!!

Which one would you choose: Looks or security? It's hard to have both.

#36 Anavrins

  • Members
  • 775 posts

Posted 05 April 2016 - 06:07 PM

View PostLoganDark, on 05 April 2016 - 05:30 PM, said:

Which one would you choose: Looks or security? It's hard to have both.
I don't see why looks would impair security, it's usually the convenience that's a problem when designing security applications.
Example, most CC locks are good, but you can't make a password reminder thing without giving away some security, Krist's addresses are robust, but you'll loose everything if you forget your pwd, no password recovery either.

Edited by Anavrins, 05 April 2016 - 06:08 PM.


#37 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 05 April 2016 - 07:43 PM

View PostAnavrins, on 05 April 2016 - 06:07 PM, said:

View PostLoganDark, on 05 April 2016 - 05:30 PM, said:

Which one would you choose: Looks or security? It's hard to have both.
I don't see why looks would impair security, it's usually the convenience that's a problem when designing security applications.
Example, most CC locks are good, but you can't make a password reminder thing without giving away some security, Krist's addresses are robust, but you'll loose everything if you forget your pwd, no password recovery either.

View PostLoganDark, on 05 April 2016 - 05:30 PM, said:

Which one would you choose: Looks or security? It's h-a-r-d (not impossible) to have both.


#38 Anavrins

  • Members
  • 775 posts

Posted 05 April 2016 - 09:08 PM

View PostLoganDark, on 05 April 2016 - 05:30 PM, said:

Which one would you choose: Looks or security? It's h-a-r-d (not impossible) to have both.
You don't get what I'm saying, you could make your lock very visually appealing and it would not improve nor degrade its security back-end.

What I meant is that there's a trade-off for user conveniences in exchange of security, such as password recovery, security questions.
The visuals of a program has nothing to do with the security of it.

tl;dr, It's e-a-s-y to have both looks and security, not so much if you want a password recovery mechanism.

Edited by Anavrins, 05 April 2016 - 09:19 PM.


#39 LoganDark

  • Members
  • 231 posts
  • LocationMacintosh HD/Users/LoganDark

Posted 05 April 2016 - 09:59 PM

View PostAnavrins, on 05 April 2016 - 09:08 PM, said:

View PostLoganDark, on 05 April 2016 - 05:30 PM, said:

Which one would you choose: Looks or security? It's h-a-r-d (not impossible) to have both.
You don't get what I'm saying, you could make your lock very visually appealing and it would not improve nor degrade its security back-end.

What I meant is that there's a trade-off for user conveniences in exchange of security, such as password recovery, security questions.
The visuals of a program has nothing to do with the security of it.

tl;dr, It's e-a-s-y to have both looks and security, not so much if you want a password recovery mechanism.

I get that, but the problem is if you're not making it yourself you can't find a good lock. Basically, if you search for one that just looks good, you'll find one that does NOT block termination and stores the password in plaintext. If you search for one with security, you will find mine (:P). I'm trying to focus on security while not distracting the user with all this prettyness.

#40 Anavrins

  • Members
  • 775 posts

Posted 05 April 2016 - 11:51 PM

Again, completely missing the point... I'm done, I wish you good luck with your programs.

Edited by Anavrins, 05 April 2016 - 11:54 PM.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users