Re: Re:simple text encrypt / decrypt

Tech-Archive recommends: Fix windows errors by optimizing your registry

"Al Dunbar" <alandrub@xxxxxxxxxxx> schrieb im Newsbeitrag
news:ukFY0PO8JHA.5400@xxxxxxxxxxxxxxxxxxxxxxx

"Heinz" <Spacewalker4711(noSpam)@hotmail.com> wrote in message
news:uaVlOON8JHA.1488@xxxxxxxxxxxxxxxxxxxxxxx
"rahulji" <rahuljiv@xxxxxxxxx> schrieb im Newsbeitrag
news:064c21f4734641fa97b49da4a16693d4@xxxxxxxxxxxxx
Hi,
I have a different requirement.
i wrote a script which will contain an username and password of an FTP
server to which it will upload the data.

i want to encrypt these username and password using DPAPIs so that no
one
can read them.

can anyone help in this regard?

url:http://www.ureader.com/msg/1675127.aspx

I think it depends on what you want to achieve:
if your concern is that somebody can snif username and password from your
LAN or on the internet then maybe you need something like VPN or SFTP
if you want to prevent that somebody reads the VBS sourccode then you can
:
-compile the VBS to an (encrypted) .exe file (there are tools availlabe
doing this)

But, again, just how secure is that encrypted information? The executable
must contain the code required to de-crypt the encrypted portions of the
executable, so reverse engineering is possible.

Well, tools like http://www.abyssmedia.com/scriptcryptor/index.shtml will
"compile" and encrypt VBS code to an .exe using Blowfish (an
industry-standard strong encryption algorithm).
The tool uses a strong random password for encrypting the .exe - and when
executed the exe decrypts itself "on the fly" (to memory, not to disk)
This should be sufficient for most users I think and it's a good option for
distributing confidential VBS sourcecode

Heinz


.

Relevant Pages

  • Re: WSE 3.0 + UserNameToken without X.509 Cert/Kerberos + Signing + Encryption How?
    ... message security and thefore it does not encrypt the message. ... You need to combine this assertion with a secure transport like SSL if you ... between client and server using a UserNameToken that passes the UserName ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: WSE 2.0 SP2: UsernameTokens must be encrypted to request SCT?
    ... William Stacey, MVP ... > The SecurityTokenServiceClient class will now automatically encrypt any ... > Username tokens included in a request. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: Encrypt a UsernameToken Authenticated WSE Response
    ... username and passwort und the data is symmetric encrypted, ... >> Decrypt) a SOAP Message by Using a Username and Password". ... But when I start my Client Application and call my ... >>> so that is used to generate a key to encrypt with. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Password security
    ... choosing relies on AES ecryption, where the password is converted to a ... key, and the key is used to encrypt a text, which is compared to see if ... The user name is written in the section of the most signifigant bits ... however, depending on the size of the username and password, these 2 ...
    (sci.crypt)
  • Re: WSE 3.0 cert question
    ... Since you are using SSL, the username token will be encrypted ... encrypt this UsernameToken so using an X509 cert sounds like the logical ... boxes (click-once install only) so making the client install a cert into ...
    (microsoft.public.dotnet.framework.webservices.enhancements)