Solved Password Protecting a Database.

[HillTJ]

Friends, I have some vague idea of protecting a project for some kind of "trial" period. My thoughts so far are to encrypt the users email address using an RC4 technique & using that for the 'product key'. Talking of "key" I don't wish to keep the encryption/decryption key in a table, which seems a bit obvious & have come across an interesting technique where I can save the encryption/decryption 'key' as a database property.

I've been playing with some code & got it all working, but question whether it is a good idea or not to save the 'key' as described.

I'm open to suggestions & welcome feedback.

Cheers.

 

[arnelgp]

put the "key" in a module or as a Custom property of your db.

 

[CJ_London]

Using properties instead of tables is a common technique. Others include modifying the registry or creating a hidden file somewhere.

specifically for the key, consider using a calculated value, perhaps generated in a function

 

[arnelgp]

i also made a "simple" trial db here.
Annual subscription requirement process | Access World Forums (access-programmers.co.uk)

 

[ahmedjamalaboelez]

I do following in my application
i keep the key in table appear to user but its more than 250 character key collect

hexdecimal 2 times Lenth of (harddriver serial & "/\" & Machine name & "/\" &username ) any time you want
hexdicimal 2 times value of (harddriver serial & "/\" & Machine name & "/\" & username ) any time you want
then convert 2 times Base64 hexdecimal Lenth & "/\" & hexdicimal value any time you want
then encrypt RC4 for the full Key

 

[HillTJ]

Friends, thanks. It appears that my 'discovery' has some merit. @arnelgp , i shall have a look @ your demo. Cheers & thanks for the prompt response.

 

[isladogs]

Suggest you also encrypt the key itself using a different method as properties, constants, tempvars and variables can all be read...even in an encrypted ACCDE file

 

[HillTJ]

@isladogs , never thought of that. Good idea.