Quote:
|
Originally Posted by Rory
Bear in mind that if this is actually going in for real life use, and is protecting sensitive information, it could be trivially defeated.
If you actually designing this for a public system or something and want this to be secure in any way or robust enough for public exposure, you firstly need to authenticate by comparing hashes rather than values directly (you are opening yourself to memory inspection and disassembly attacks).
Also protect the variable address using the RTL Api (VarPtr) and call SecureZeroMemoryW on it when you are finished (under Windows), as the garbage collection in VB6 is notoriously bad and sometimes doesn't happen. Consult the NTLM reference on MSDN, as it has good documentation on general memory sanitization in VB6.
Alternatively use a language that deals with memory properly, or use an purpose built external authentication system.
|
umm im quit newb i didnt get much of that information O.o, but ill look into it for the future. It's not for any real life use just for fun, thanks tho. so anyone know why it says that error? is the tutorial missing something?
::edit::
figured it out
had to add that to the end