PIN Protected Passwords/Strings

Post your working scripts, libraries and tools
User avatar
Masonjar13
Posts: 1347
Joined: 20 Jul 2014, 10:16
GitHub: Masonjar13
Location: Не Россия

PIN Protected Passwords/Strings

27 Jun 2017, 21:45

I've had this thought for a while now, and decided to finally give it a go. Simple object that uses PBKDF2+SHA512 and AES256 to save passwords behind a PIN. Technically, there are no limitations on the PIN, so it may be of any length, using any characters. You could also get more creative and use an alternate method of a PIN, such as system info. All encrypted strings are saved to a file at the specified location, or the default location.

External libraries used:
- Crypt by Deo
- AHK_CNG by jNizm (Hopefully, this will replace Crypt once he has completed the library. I would be using his AES + CBC, but.. I'm not sure how exactly it works, or how I would implement it correctly here.)

Best practices when using this library:

Using this library doesn't automatically make your passwords/strings safe. There are a few things you need to take into account:
  • Do not use static strings for the PIN. Get the PIN (via prompting the user or otherwise), set the PIN, then erase the variable that held the plain-text pin. This ensures that a memory leak/hook/etc. won't give out the PIN.
  • After you've retrieved the string, use it for what you need, then wipe that variable as well.
  • The hash of the PIN is what the strings are encrypted with as the key. The hashed PIN is stored in a generated, temporary key. This temporary key is regenerated every time it's used or if a new PIN is set. Using SetTimer, one could call _decryptTempKey() (not saving the return) to constantly change the temporary key.

    *Note: if anyone has a better suggestion for PIN keeping, please let me know!

Download from GitHub


Custom file-type methods



INI methods
User avatar
Masonjar13
Posts: 1347
Joined: 20 Jul 2014, 10:16
GitHub: Masonjar13
Location: Не Россия

Re: PIN Protected Passwords/Strings

21 Jul 2017, 15:34

Big update!

Took a while, but I made a very simplistic file layout, based on key-value pairs, which encodes to Base64. I don't have the keys encoded though, should I change that?

Method edits are in the OP. Mostly the same, except it now only accepts a file path for __New() and key and str parameters have been switched.
User avatar
Masonjar13
Posts: 1347
Joined: 20 Jul 2014, 10:16
GitHub: Masonjar13
Location: Не Россия

Re: PIN Protected Passwords/Strings

14 Apr 2018, 15:08

Update!

Added listKeys method (returns array-object of all found keys)

Return to “Scripts and Functions”

Who is online

Users browsing this forum: No registered users and 16 guests