Ok CarnageX... I took your advice like 8 months later. I'm finally deciding to get into powershell. Now the question is, how do I create a secure password verification system.
I can do this:
but then the password is stored as a secure string and I'm not sure if it's possible to compare two secure strings to one another since they'd be generated with different encryption keys. Anyone got any ideas?
I'm attempting to take this:
and make it more secure by encrypting the login details as secure strings.
EDIT: I looked at using two .txt files and using them for references, however I'd prefer it if I could simply just have it all in the one file like it was in batch, using the user input and verifying against an encrypted string inside the file. The AES key could be stored in the program file because quite frankly, I don't think high school students are going to have the level of intelligence required to decrypt a 256 bit AES string using a 32 bit byte array.
OR I could set it up so that you need the AES Key and the password as user input, otherwise it fails. Any way to do this?
I can do this:
Code:
$SecurePassword = Read-Host -Prompt 'Type the password' -AsSecureString
but then the password is stored as a secure string and I'm not sure if it's possible to compare two secure strings to one another since they'd be generated with different encryption keys. Anyone got any ideas?
I'm attempting to take this:
Code:
%password%=Example
set/p pass=Type the password
IF %pass%==%password% goto Login
else goto Fail
and make it more secure by encrypting the login details as secure strings.
EDIT: I looked at using two .txt files and using them for references, however I'd prefer it if I could simply just have it all in the one file like it was in batch, using the user input and verifying against an encrypted string inside the file. The AES key could be stored in the program file because quite frankly, I don't think high school students are going to have the level of intelligence required to decrypt a 256 bit AES string using a 32 bit byte array.
OR I could set it up so that you need the AES Key and the password as user input, otherwise it fails. Any way to do this?
Last edited: