A Qt application that lets the user create an account (username and password), with the password passed through a one-way cryptographic function (SHA256). The program also generates a salt that is added to the password before hashing, to safeguard passwords in storage. The hashed password and the salt are stored in SQLite. The user can also change their password and see in the console what the one-way function outputs. The program demonstrates the importance of using a one-way cryptographic function rather than 'encryption', so no one can decrypt the password back to the original text.
When creating a login account/record:
- Generate random salt.
- Append or prepend the salt value to the user's password.
- Hash the combination of password and salt (using something strong, like SHA256).
- Store the user name, the hashed value and the salt in the database.
When the user attempts to sign in:
- Load the salt value associated with the username.
- Append or prepend the salt to the supplied password (i.e., do the same as when they registered).
- Hash the combination, compare that to the stored hash. If they're different, sign-in fails.
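
The registration and sign-in steps above, plus the password change mentioned earlier, as an added example in Python's standard library; it is not the project's C++/Qt code. The table layout, function names and 16-byte salt length are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import sqlite3

# Assumed schema and function names for this example; not taken from the project.
def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS users ("
               "username TEXT PRIMARY KEY, salt BLOB NOT NULL, hash BLOB NOT NULL)")
    return db

def hash_password(password, salt):
    # Prepend the salt; registration and sign-in must use the same order.
    # A single SHA-256 pass follows the page. It is fast to compute, so deployed
    # systems generally use a slow password hash (PBKDF2, bcrypt, scrypt, Argon2).
    return hashlib.sha256(salt + password.encode("utf-8")).digest()

def register(db, username, password):
    salt = secrets.token_bytes(16)  # fresh random salt per account, from the OS CSPRNG
    try:
        with db:  # commits on success, rolls back on error
            db.execute("INSERT INTO users VALUES (?, ?, ?)",
                       (username, salt, hash_password(password, salt)))
    except sqlite3.IntegrityError:
        return False  # username already taken
    return True

def stored_hash(db, username):
    return db.execute("SELECT hash FROM users WHERE username = ?",
                      (username,)).fetchone()[0]

def sign_in(db, username, password):
    row = db.execute("SELECT salt, hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False  # unknown user
    salt, stored = row
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(hash_password(password, salt), stored)

def change_password(db, username, old_password, new_password):
    if not sign_in(db, username, old_password):
        return False
    salt = secrets.token_bytes(16)  # new salt on every password change
    with db:
        db.execute("UPDATE users SET salt = ?, hash = ? WHERE username = ?",
                   (salt, hash_password(new_password, salt), username))
    return True
```

Because each account gets its own salt, two users who choose the same password end up with different stored hashes.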
C++ Language
Run in Qt 5.11.0
- Kenneth Casimiro - Programmer - kencasimiro
See also the list of contributors who participated in this project.