Saving passwords inside an application


Problem description

I am writing an application that needs to read a user name and password and store them so that the program can read them again later. Storing it in some variables sounds like a stupid idea.

Found that KDE library, but it has too many dependencies, and I am too much of a newbie programmer to understand how to use it.

What are the common methods for storing passwords, and how can I solve my problem?

Recommended answer

It depends on what you are going to do with the information.

If you are going to use the name and password to access some external service (but the user will have to reenter the information the next time the program is run), then storing them in some variables is OK. It might be wise to store them encrypted (at least, store the password encrypted) so that it is not visible in core dumps or the equivalent. When the password is needed, you decrypt it, use it, and then write over where the decrypted version was stored (zapping it). (Note: hashing is not appropriate in this context; you need to be able to see the password, and you can't undo a hash.) You could decide to store the information outside the program (in a disk file), but it doesn't seem necessary. Note that the binary will still contain the encryption key (and encryption algorithm), and encrypted data is more random than the average contents of your program, so to really conceal the encrypted password is actually very difficult (verging on impossible). However, you can make it hard enough that it will stop all but the most determined attackers.

If you are going to store the username and password as a permanent record so that you can validate that the same user is accessing the information in the future, then you must use storage external to the program; you will use a simple database, which might be as simple as a plain text file if you ensure you resolve any concurrency issues. In this case, you will hash the password with some salt, and you'll store the username, salt and hashed password in such a way that given the username, you can easily find the other two values.

Night Walker comments:

I use that password to access some web database, so I need it stored in my application after it is entered for the first time. Are you sure a plain text file is that smart an idea?

It depends on how you conceive 'stored in my application'. You can't modify the executable, or at least shouldn't try to do so. So, you need to look on it as a permanent record stored in some sort of file separate from the application executable. On the other hand, you do face a different problem from what I outlined - you are not authenticating the user with the information; you need to decrypt the information on demand to send on to other applications.

First off, that means that salts and hashes are not relevant; you need to reverse the masking operation, and you can't reverse a hash.

Next, you need to decide how you will identify the user of your application upon reappearance. Will the user be obliged to enter some password to get to their own data, or will you simply rely on the operating system privileges, or some other scheme?

If the user must enter some password into your application to get going, then you can consider using that password (or a hash of it, distinct from the password hash used to recognize the password to the application) to encrypt the username/password combination for the external application. You can then store the username and, for sake of argument, a Base-64 encoded version of the encrypted password into a text file; this is as safe as the application password, which is stored in the original salted hash format. When the user returns, they have to supply their application username and password, and you can validate that combination against the stored values, and then use the password to decrypt the password to the external application.

If the user does not enter a password, then you are more restricted in what you can do. You have to be able to determine a key somehow from the information available to you that can be used to store the user's encrypted password in a file in a restricted location such as a sub-directory underneath their home directory with no group or public access:

mkdir ~/.appname
chmod 700 ~/.appname
cp /dev/null ~/.appname/app.key
...store the encrypted information...
chmod 500 ~/.appname
chmod 400 ~/.appname/app.key

This is less satisfactory because even if you combine a fixed key with the user's name, say, the chances are that someone can work out what that key is (and the encryption technology) and reverse engineer it. (The secrecy of encrypted data depends on the keys; when the key is determinable by the program, it is also determinable by a determined attacker.) It is best, by far, to rely on the user to provide the key (or a password or pass phrase) at run-time; then the application does not store anything that an attacker can use offline.
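The scheme the answer describes for the "user enters an application password" case, written out as an added Python example (not code from the original answer): a salted, slow hash recognises the application password, a distinct key derived from that same password encrypts the web-database password, the record is stored as Base-64 text, and the file is created owner-only like the chmod sequence above. The function names, the PBKDF2 iteration count and the HMAC-counter-mode stream cipher (a standard-library stand-in for a vetted AEAD such as AES-GCM) are my assumptions so that it runs offline with no third-party package.

```python
import base64
import hashlib
import hmac
import json
import os

PBKDF2_ITER = 600_000  # assumed iteration count; raise it as hardware allows

def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode as a stdlib-only stream cipher; a real build
    # would use a vetted AEAD (e.g. AES-GCM) from a crypto library instead
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def _derive(app_password, salt):
    # One slow PBKDF2 step, then three distinct subkeys: the verifier is stored and
    # only recognises the app password; enc/mac keys protect the service password
    master = hashlib.pbkdf2_hmac("sha256", app_password.encode(), salt, PBKDF2_ITER)
    sub = lambda label: hmac.new(master, label, hashlib.sha256).digest()
    return sub(b"verify"), sub(b"enc"), sub(b"mac")

def enroll(app_password, service_user, service_password):
    """Build the on-disk record: username in clear, service password encrypted."""
    salt, nonce = os.urandom(16), os.urandom(16)
    verifier, enc_key, mac_key = _derive(app_password, salt)
    pt = service_password.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()  # encrypt-then-MAC
    raw = {"salt": salt, "verifier": verifier, "nonce": nonce, "ct": ct, "tag": tag}
    return {"service_user": service_user, **{k: base64.b64encode(v).decode() for k, v in raw.items()}}

def unlock(record, app_password):
    """Return (service_user, service_password), or None on wrong password or tampering."""
    f = {k: base64.b64decode(v) for k, v in record.items() if k != "service_user"}
    verifier, enc_key, mac_key = _derive(app_password, f["salt"])
    if not hmac.compare_digest(verifier, f["verifier"]):
        return None  # wrong application password
    tag = hmac.new(mac_key, f["nonce"] + f["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, f["tag"]):
        return None  # record was altered on disk
    pt = bytes(a ^ b for a, b in zip(f["ct"], _keystream(enc_key, f["nonce"], len(f["ct"]))))
    return record["service_user"], pt.decode()

def save_record(record, path):
    # owner-only file, the same intent as the chmod sequence in the answer
    with os.fdopen(os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600), "w") as fh:
        json.dump(record, fh)
```

Read the file back with json.load and pass the dict to unlock; nothing in the record is usable without the application password, and a wrong password or an edited record both come back as None rather than as garbage plaintext.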

