28.2 Component Crypt
The topics Encrypt and Decrypt gain importance when you want to protect sensitive data or access to programmes with a password (→ Chapter 28.3 OpenSSl). Gambas provides the component gb.crypt for these applications. The class Crypt allows you to encrypt a password. The methods Crypt.DES and Crypt.MD5 use the DES and MD5 algorithms to encrypt a password string. The Crypt.Check method allows you to compare the encrypted password with an entered (plaintext) password string.
- First, the methods Crypt.DES and Crypt.MD5 are presented.
- Then several projects show how given but covertly entered plaintext passwords are encrypted.
- Finally, application-oriented Gambas projects are presented in which the methods Crypt.DES, Crypt.MD5 and Crypt.Check are used.
In addition, some projects check whether the password input is a strong password. In my opinion, a strong password can be defined like this:
- The password consists of at least 8 characters.
- The password contains at least 1 capital letter.
- The password contains at least 1 lower case letter.
- The password contains at least 1 digit.
- The password contains at least 1 special character from a defined character set.
Figure 28.2.1: Password generator for strong passwords
With the presented password generator PWL8 you can randomly encrypt or decrypt passwords with a character set of your own choice. The encrypted passwords are used, for example, to protect your own Gambas programmes that are used to process sensitive data or to access this sensitive data itself.
Figure 28.2.2: Password generator PWL8
A special role in the context of passwords is played by the entry of the root password, as required for privileged tasks. Different approaches are presented, investigated and implemented in projects.