I am writing a program which I need to prompt for a password. I do not want the users password to be echoed to the screen. I've tried getch, which my book says does not echo to the screen, but it does. How can I prompt for text and not have the text written to the screen?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
ok, you need to get a book.. make sure it is one with input and output streams to the console screen. You have to manipulate the iostream to read the character, store in a string, then replace the typed character with for instance '*' as a standard password char. or you could completely stop it from showing anything on the screen.. I would post code, but if you look it up for yourself, you will actually learn it, rather than just copy and paste.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
But take care. With this simplified approach it is fairly easy for someone with WORDPAD to edit the EXE file looking for nice words such as the password.
e.g. You may have an 'if' statement to check that the password is correct such as:
if (strcmp(psswd, "MyPass") == 0) {} ....
The "MyPass" will show up in the EXE file like a Chernobyl-ian dog in the dark!
I am sure that there are some crypto libs around but I am not and expert and therefore not able to point you in the right direction.
Just wanted to let you know about the security issue.
BlakJak :]
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I am writing a program which I need to prompt for a password. I do not want the users password to be echoed to the screen. I've tried getch, which my book says does not echo to the screen, but it does. How can I prompt for text and not have the text written to the screen?
What compilier are you running? getch() should work. Whereas getche() will echo. Send you code to curtis8@hotmail.com
Curtis
ok, you need to get a book.. make sure it is one with input and output streams to the console screen. You have to manipulate the iostream to read the character, store in a string, then replace the typed character with for instance '*' as a standard password char. or you could completely stop it from showing anything on the screen.. I would post code, but if you look it up for yourself, you will actually learn it, rather than just copy and paste.
But take care. With this simplified approach it is fairly easy for someone with WORDPAD to edit the EXE file looking for nice words such as the password.
e.g. You may have an 'if' statement to check that the password is correct such as:
if (strcmp(psswd, "MyPass") == 0) {} ....
The "MyPass" will show up in the EXE file like a Chernobyl-ian dog in the dark!
I am sure that there are some crypto libs around but I am not and expert and therefore not able to point you in the right direction.
Just wanted to let you know about the security issue.
BlakJak :]