Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Cryptor - Password, Mode, Files and so on...
Message
From
24/02/2003 04:28:35
Viv Phillips
Hay-On-Wye, United Kingdom
 
General information
Forum:
Visual FoxPro
Category:
Third party products
Title:
Re: Cryptor - Password, Mode, Files and so on...
Miscellaneous
Thread ID:
00755667
Message ID:
00756884
Views:
7
Hi,

You still have not clarified whether anyone should be able to access the data outside of your application. Also are there concerns that one company using your application may then be able to access the data of another company ?

>
>1) About just the user has the password...
>The best option is only the company's owner that uses my prograns knows the >password... In this case, few people knows the password. But, suppose we >have a network with 15 or more computers and which one have to type this >password... The owner would have to go and type it... Can you imagine some >way to automatizate it and keep the security in a high level?
>

If a user is to be allowed access to the data why not provide them with the password ? This logic applies to any authentication system - it's like saying the company owner should go round and logon all the secretaries to Windows in the morning . Or do you mean you want your application to automatically recover the encryption key on startup ?

I think you're maybe trying to use Cryptor to enforce security in a way for which it is not intended. Cryptor is great for restricting access to data to specific applications. But if you need more fine-grained control then the application itself should take responsiblility for any additional authentication.

>
>2) About use WILDCARD with Crypt_Register()...
>
>So... Let me suppose that we have 15 files in a folder and we use >CRYPT_ENCODE() when the user sets the password... In this case, >Crypt_Register(*.*) will work fine...
>
>Then, some day, I need to copy more 2 files to this folder... This 2 files >will not be encrypt with Crypt_Encode() because I don't have the user's >password, ok? ... So, when the app starts and the user types the password, >Crypt_Register(*.*) will affect these 2 files too and I think it will not >work.


Best solution is probably an 'Import' option in your application (or a small standalone). If the folder containing the existing encrypted data is registered then registering the new files with the 'masterkey' and copying them to the main folder should do the trick.

HTH,
Viv
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform