Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    JavaScript Kit Encrypted Password Generator Problem

    Hello guys,

    i got problem with this script...When i write the password the page address doesn't come encrypted but with the "password".htm in the address bar......
    I'll post the html code also if you could tell me where the problem is 10x in advance

    <html>

    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
    <title>Enter password</title>
    </head>

    <body>

    <script>

    var pass=new Array()
    var t3=""
    var lim=8
    pass[0]="zMnA9IWxvLwX45y"
    pass[1]="wnHlLF8CoTzX75B"
    pass[2]="y2pzB0xu7kZEjRw"
    pass[3]="ba065as7Uhi9ObC"
    pass[4]="8oQ9YZdJTLFYPCiJ"
    pass[5]="23oQ9YZdJTLFYPCi"

    var extension=".htm"
    var enablelocking=0
    var numletter="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
    var temp3=''
    var cur=0


    function max(which){
    return (pass[Math.ceil(which)+(3&15)].substring(0,1))
    }

    function testit(input){
    temp=numletter.indexOf(input)
    var temp2=temp^parseInt(pass[phase1-1+(1|3)].substring(0,2))
    temp2=numletter.substring(temp2,temp2+1)
    return (temp2)
    }


    function submitentry(){
    t3=''
    verification=document.password1.password2.value
    phase1=Math.ceil(Math.random())-6+(2<<2)
    var indicate=true
    for (i=(1&2);i<window.max(Math.LOG10E);i++)
    t3+=testit(verification.charAt(i))
    for (i=(1&2);i<lim;i++){
    if (t3.charAt(i)!=pass[phase1+Math.round(Math.sin(Math.PI/2)-1)].charAt(i))
    indicate=false
    }
    if (verification.length!=window.max(Math.LOG10E))
    indicate=false
    if (indicate)
    window.location=verification+extension
    else
    alert("Invalid password. Please try again")
    }
    </script>



    <table border="1" cellspacing="0" cellpadding="0" bgcolor="#FFFFBD">
    <tr>
    <td width="100%"><form name="password1"><div align="center"><center><p><strong>Enter password: </strong><input
    type="text" name="password2" size="15"><br>
    <input type="button" value="Submit" onClick="submitentry()"></p>
    </center></div>
    </form>
    </td>
    </tr>
    </table>
    </body>

    </html>

  • #2
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    18,146
    Thanks
    203
    Thanked 2,547 Times in 2,525 Posts
    I am afraid that this is a waste of time. Password scripts using JavaScript are useless, as anyone can simply read the source code.

    All passwords should be checked/verified server-side.

  • #3
    Regular Coder
    Join Date
    Aug 2005
    Location
    Toronto, ON, Canada
    Posts
    231
    Thanks
    0
    Thanked 0 Times in 0 Posts
    use https, or VPN or ...
    rm -f /

  • #4
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    10x for advice but if u could tell me why i don't get the desired result i would be grateful.10x in advance.
    If u got other script or something i can use for protecting pages plz post here.

  • #5
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,642
    Thanks
    0
    Thanked 649 Times in 639 Posts
    My page http://www.felgall.com/javatip4.htm discusses methods of password protecting a page and includes instructions for the two Javascript methods that are hardest to crack.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • #6
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    18,146
    Thanks
    203
    Thanked 2,547 Times in 2,525 Posts
    If by "protecting a page" you mean preventing the user from copying your code, then that is impossible. The best you can do is make it harder and slow them down, which may very well deter many people, but may act as a challenge to others. Anyone with some coding expertise can soon break through Felgall's protection schemes (as Felgall admits).

    If you mean preventing someone who does not have the password from accessing your page in the first place, then you should study Borgtex's solution at

    http://www.codingforums.com/showthread.php?t=10114

  • #7
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    10x all people,u really helped me,keep on good working all.

  • #8
    TNO
    TNO is offline
    Regular Coder
    Join Date
    Apr 2005
    Posts
    213
    Thanks
    2
    Thanked 1 Time in 1 Post
    I prefer this method for password protection:

    Code:
    function OneWay(S) { var j, x, y = 2e50
      x = '0.'+parseInt(S.value, 36)
      with (Math) { for (j=0;j<10;j++) x = tan(1+x+x*y%1)%1 }
      return ((x+1)/2).toString(36).substring(2) }
    This is a one way function that should work the same on all systems (if Math.tan() is the same on all systems)

    Here its impractical to deduce the password even if the encoded form is known.

    The returned string can then be used directly as part of the URL :

    Code:
    window.location.href = 'dir/X' + OneWay(Pswd) + '.htm'
    The author chooses the password, and from it determines the URL needed; have no other pages there with names starting 'X'.

    Note that the "hidden" URL will be discoverable once the correct password is used.

    To help show the security of this method:

    Can anyone decrypt this sample password?

    Code:
    jokqdbmyoqkp
    ~Credit goes to J R Stockton for the general idea.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •