Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#326 Space as Password character (masking)

open
nobody
None
5
2007-08-29
2005-02-28
Michael Scheer
No

To increase security a bit, I recommend changing
the password char to a simple space ((TCHAR)
0x20) instead of _T('z)+27.

Reason: Harder for an attacker (who watches over
your shoulder) to count characters.

Discussion

  • Michael Scheer
    Michael Scheer
    2005-03-02

    Logged In: YES
    user_id=999143

    How about such a fuzzy mess?-)

    void CPasswordDlg::OnChangeEditPassword()
    {
    UpdateData(TRUE);
    EraseCString(&m_strPassword);
    m_pEditPw.GetWindowText(m_strPassword);
    NewGUI_ShowQualityMeter(&m_cPassQuality,
    GetDlgItem(IDC_STATIC_PASSBITS), (LPCTSTR)
    m_strPassword);
    EraseCString(&m_strPassword);
    EnableClientWindows();
    //nderung MSC
    srand((unsigned)time(NULL));
    int leerzeichentyp = (rand() % 2);
    if(leerzeichentyp == 0)
    {
    TCHAR tchDot = (TCHAR)0x20;
    m_pEditPw.SetPasswordChar(tchDot);
    }
    else
    {
    TCHAR tchDot = (TCHAR)0xA0;
    m_pEditPw.SetPasswordChar(tchDot);
    }
    }

     
  • Logged In: NO

    To squeller, as keepass is open source you can fix this on
    your own.

     
  • Dominik Reichl
    Dominik Reichl
    2007-08-29

    • summary: Space as Password character --> Space as Password character (masking)