how is this secure?
|
I made this to store my passwords. (Yes I'm actually going to use it) It's secure, as it uses an MD5 encryption. The only way to get the valid password is by changing the byte values with the actual one.
The passwords are stored in:
You set a master password that is able to decrypt all stored passwords.C:\\Program Files\\Colby's Password Manager\\
Basically, you can set it so if you type "rune-server" to print out your rune-server password. It supports adding and deleting saved passwords, setting a new master password, and theres a reset command to reset all saved passwords.
The only downside is that passwords cannot contain these characters:
Since each one it stored in a file name./ \\ * : ? \" < > |
Remember, to prevent possible corruption, always exit using the "exit" command.
Direct download of precompiled .jar: (Just double click the batch)
http://www.mediafire.com/?ytmyntmyoyd
Type "help" to list all commands:
Code:System.out.println("Here is a list of commands:"); System.out.println("- Type \"get\" to get a previously stored password."); System.out.println("- Type \"set\" to set a new password to store."); System.out.println("- Type \"setmaster\" to set a new master password."); System.out.println("- Type \"exit\" to exit."); System.out.println("- Type \"reset\" to delete ALL passwords."); System.out.println("- Typr \"delete\" to delete a single password."); System.out.println("Other stuff:"); System.out.println("- Keywords cannot conatin any of the following: / \\ * : ? \" < > |");Code:import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.File; import java.io.FileReader; import java.io.FileWriter; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Scanner; /** * Stores passwords. * @author Colby */ public class PasswordStorage { public static void main(String[] args) throws Exception { System.out.println("Welcome to Colby's Password Manager."); System.out.println(); if (isFirstRun()) { System.out.println("This is the first time you have run this application."); System.out.println("In the future, please enter \"help\" for a list of commands."); System.out.println("Please enter a master password: "); String newMaster = in.nextLine(); new File(STORE + "FIRSTRUN").mkdirs(); setMasterPassword(newMaster); System.out.println(); } validate(); System.out.println(); while (true) { System.out.println("Please enter a command: "); String command = in.nextLine(); if (command.equalsIgnoreCase("help")) { displayHelp(); } else if (command.equalsIgnoreCase("get")) { getPassword(); } else if (command.equalsIgnoreCase("set")) { setPassword(); } else if (command.equalsIgnoreCase("setmaster")) { setMasterPassword(); } else if (command.equalsIgnoreCase("delete")) { deletePassword(); } else if (command.equalsIgnoreCase("reset")) { resetProgram(); } else if (command.equals("exit")) { System.out.println("Goodbye!"); System.exit(0); } else { System.out.println("Invalid command. Type \"help\" for a help."); } System.out.println(); } } public static void resetProgram() throws Exception { System.out.println("WARNING! This feature will erase ALL saved passwords and the master password."); System.out.println("Type \"yes\" to delete all passwords, or \"no\" to abort."); String input = in.nextLine(); if (input.equalsIgnoreCase("yes")) { File[] files = new File(STORE).listFiles(); for (File f : files) { System.out.println("Deleting: " + f.getName()); f.delete(); } System.out.println("All files delted!"); System.out.println(); main(new String[0]); } else { System.out.println("Aborted."); } } public static void deletePassword() { System.out.println("Please enter the keyword associated with the password you wish to delete:"); String keyword = in.nextLine(); File store = new File(keyword); if (store.exists()) { System.out.println("Sucessfully deleted password storage for: " + keyword); } else { System.out.println("Invalid keyword."); } } public static boolean isFirstRun() { return !new File(STORE + "FIRSTRUN").exists(); } public static void setPassword() throws Exception { BufferedWriter storeFile = null; try { System.out.println("Enter the keyword you wish to be associated with the new password:"); String keyword = in.nextLine(); if (keyword.length() < 1) { System.out.println("Invalid keyword."); return; } storeFile = new BufferedWriter(new FileWriter(STORE + keyword)); System.out.println("Please enter a password for this keyword: "); char[] newPassword = in.nextLine().toCharArray(); char[] masterPassword = PasswordStorage.masterPassword.toCharArray(); for (int i = 0, i2 = 0; i < newPassword.length; i++, i2++) { if (i2 == masterPassword.length - 1) { i2 = 0; } newPassword[i] += masterPassword[i2]; } storeFile.write(new String(newPassword)); System.out.println("Password sucesfully set!"); } finally { if (storeFile != null) { storeFile.flush(); storeFile.close(); } } } public static void getPassword() throws Exception { BufferedReader storeFile = null; try { System.out.println("Please enter the keyword related to the password:"); String keyword = in.nextLine(); File store = new File(STORE + keyword); if (store.exists() && !store.isDirectory()) { storeFile = new BufferedReader(new FileReader(store)); char[] encodedPassword = storeFile.readLine().toCharArray(); char[] masterPassword = PasswordStorage.masterPassword.toCharArray(); for (int i = 0, i2 = 0; i < encodedPassword.length; i++, i2++) { if (i2 == masterPassword.length - 1) { i2 = 0; } encodedPassword[i] -= masterPassword[i2]; } System.out.println("Password to " + keyword + " is: "); System.out.println(new String(encodedPassword)); return; } System.out.println("Invalid keyword!"); } finally { if (storeFile != null) { storeFile.close(); } } } public static void setMasterPassword() throws Exception { System.out.println("Please enter a new master password: "); setMasterPassword(in.nextLine()); } public static void validate() throws Exception { for (int tries = 0; tries < 5; tries++) { System.out.println("Please enter the master password: "); if (validPassword(in.nextLine())) { System.out.println("Password validated! Welcome."); return; } System.out.println("Incorrect password! " + (4 - tries) + " attemps left."); } System.exit(0); } public static void displayHelp() { System.out.println("Here is a list of commands:"); System.out.println("- Type \"get\" to get a previously stored password."); System.out.println("- Type \"set\" to set a new password to store."); System.out.println("- Type \"setmaster\" to set a new master password."); System.out.println("- Type \"exit\" to exit."); System.out.println("- Type \"reset\" to delete ALL passwords."); System.out.println("- Typr \"delete\" to delete a single password."); System.out.println("Other stuff:"); System.out.println("- Keywords cannot conatin any of the following: / \\ * : ? \" < > |"); } public static void setMasterPassword(String newPassword) throws Exception { BufferedWriter storeFile = null; try { storeFile = new BufferedWriter(new FileWriter(STORE + "MASTER")); storeFile.write(new String(compute(newPassword))); } finally { if (storeFile != null) { storeFile.flush(); storeFile.close(); } } System.out.println("New master password set!"); } public static boolean validPassword(String password) throws Exception, NoSuchAlgorithmException { masterPassword = password; BufferedReader storeFile = null; try { storeFile = new BufferedReader(new FileReader(STORE + "MASTER")); String actualMD5 = storeFile.readLine(); String attemptMD5 = compute(password); return actualMD5.equals(attemptMD5); } finally { if (storeFile != null) { storeFile.close(); } } } private static String compute(String input) throws NoSuchAlgorithmException { byte[] md5Bytes = MessageDigest.getInstance("MD5").digest(input.getBytes()); StringBuffer hexValue = new StringBuffer(); for (byte element : md5Bytes) { int val = element & 0xff; if (val < 16) { hexValue.append("0"); } hexValue.append(Integer.toHexString(val)); } return hexValue.toString(); } public static String masterPassword; public static Scanner in = new Scanner(System.in); public static final String STORE = "C:\\Program Files\\Colby's Password Manager\\"; }
how is this secure?
that was for your master password, not the sub passwords.
Okay, just used MD5 for the master. So obvious lol.
md5 isn't reversible.
EDIT: I see now, it just merges your password + the master password together.
yeah, what if i just make my own program to use the master password file and then im in...this isnt secure.
« Previous Thread | Next Thread » |
Thread Information |
Users Browsing this ThreadThere are currently 1 users browsing this thread. (0 members and 1 guests) |