Securely check an APPDATA variable
1 view (last 30 days)
Show older comments
Hi everyone,
I am experimenting with pcode and I considered adding password protection to my script. The basic idea is that the script should prompt the user for their password before execution of the main code.
The entered password is hashed according to Jan Simon's DataHash.m, and then checked against the p-coded hash. If the credentials are a match, I want to set a flag which prevents the user from being prompted again for their credentials until the next MATLAB session.
My initial idea was to set an APPDATA variable in the root, since this is automatically cleared once MATLAB is shut down. However, there is nothing stopping the user from looking up the names of the APPDATA variables with app=getappdata(0.0) and simply noticing the value of the flag. Then, for all future MATLAB sessions they could just set the same APPDATA variable with this flag and bypass the password check.
Since I am not well-versed in cryptography and data security, I am wondering if there is a straightforward way to obscure this "flag" so that it is non-trivial for the user to hack its value?
Thanks!
Louis
0 Comments
Answers (0)
See Also
Categories
Find more on Startup and Shutdown in Help Center and File Exchange
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!
You can also select a web site from the following list
Americas
- América Latina (Español)
- Canada (English)
- United States (English)
Europe
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)
Asia Pacific
- Australia (English)
- India (English)
- New Zealand (English)
- 中国
- 日本Japanese (日本語)
- 한국Korean (한국어)