1

I'm trying to make an app for my own use secured with 5 passwords and have all my passwords and pins in it if u type all 5 passwords correctly.

and I'm wondering if i add the passwords programatically and build the app so everything is inside the textfields or in source files in string codes can people hack into the app and get the passwords.

thats an example of what I'm doing

is something like that easy to hack into and find the passwords

.h file

#import <Cocoa/Cocoa.h>

@interface AppDelegate : NSObject <NSApplicationDelegate>

@property (assign) IBOutlet NSWindow *window;
@property (weak) IBOutlet NSTabView *Tab;
@property (weak) IBOutlet NSTextField *FirstPassword;
@property (weak) IBOutlet NSTextField *SecondPassword;
@property (weak) IBOutlet NSTextField *ThirdPassword;
@property (weak) IBOutlet NSTextField *FourthPassword;
@property (weak) IBOutlet NSTextField *FifthPassword;

-(IBAction)Unlock:(id)sender;
-(IBAction)CorrectPassword:(id)sender;
-(IBAction)IncorrectPassword:(id)sender;
-(IBAction)CheckRandomDigit:(id)sender;

@property (weak) IBOutlet NSTextField *AttemptsLeft1;
@property (weak) IBOutlet NSTextField *AttemptsLeft2;
@property (weak) IBOutlet NSButton *IncorrectPassword;
@property (unsafe_unretained) IBOutlet NSPanel *TheSheet;

@property (weak) IBOutlet NSTextField *RandomDigit;
@property (weak) IBOutlet NSTextField *RandonDigitverify;

@end

.m file

#import "AppDelegate.h"
#define Random 0x1

@implementation AppDelegate



- (void)applicationDidFinishLaunching:(NSNotification *)aNotification
{
    double result = ((double)arc4random() / Random);
    [_RandomDigit setStringValue:[NSString stringWithFormat:@"%.0f", result]];
}


-(IBAction)Unlock:(id)sender{
    if ([_FirstPassword.stringValue isEqualToString:@"Password1"]&&[_SecondPassword.stringValue isEqualToString:@"Password2"]&&[_ThirdPassword.stringValue isEqualToString:@"Password3"]&&[_FourthPassword.stringValue isEqualToString:@"Password4"]&&[_FifthPassword.stringValue isEqualToString:@"Password5"]) {
        [_Tab selectTabViewItemAtIndex:1];
        [_AttemptsLeft1 setStringValue:@"5"];
        [_AttemptsLeft2 setStringValue:@"5"];
    } else {
        [_Tab selectTabViewItemAtIndex:2];
       int attempts = [_AttemptsLeft1 intValue] -1;
        [_AttemptsLeft1 setIntValue:attempts];
        [_AttemptsLeft2 setIntValue:attempts];
        if ([_AttemptsLeft1.stringValue isEqualToString:@"0"]) {
            [_IncorrectPassword setEnabled:NO];
            [NSApp beginSheet:_TheSheet
               modalForWindow:(NSWindow *)_window
                modalDelegate:self
               didEndSelector:nil
                  contextInfo:nil];
        }
    }
}

-(IBAction)CorrectPassword:(id)sender{
    [_Tab selectTabViewItemAtIndex:3];
    [_FirstPassword setStringValue:@""];
    [_SecondPassword setStringValue:@""];
    [_ThirdPassword setStringValue:@""];
    [_FourthPassword setStringValue:@""];
    [_FifthPassword setStringValue:@""];
}

-(IBAction)IncorrectPassword:(id)sender{
    [_Tab selectTabViewItemAtIndex:0];
    [_FirstPassword setStringValue:@""];
    [_SecondPassword setStringValue:@""];
    [_ThirdPassword setStringValue:@""];
    [_FourthPassword setStringValue:@""];
    [_FifthPassword setStringValue:@""];
}

-(IBAction)CheckRandomDigit:(id)sender{
    if ([_RandonDigitverify floatValue] == [_RandomDigit floatValue]) {
        [_AttemptsLeft1 setStringValue:@"1"];
        [_AttemptsLeft2 setStringValue:@"1"];
        [NSApp endSheet:_TheSheet];
        [_TheSheet orderOut:sender];
        [_IncorrectPassword setEnabled:YES];
        double result = ((double)arc4random() / Random);
    [_RandomDigit setStringValue:[NSString stringWithFormat:@"%.0f", result]];
    } else {
        double result = ((double)arc4random() / Random);
    [_RandomDigit setStringValue:[NSString stringWithFormat:@"%.0f", result]];
    }
}

@end

that should be a window with 4 tabs first tab 5 textfields for the passwords and a button to check the password and a textfield stating attempts left

second tab if i enter the 5 correct passwords in the first tab it should take me to second tab where it have a button that takes me to the tabs with my secure data

third tab if i enter incorrect passwords i get there

fourth tab is the one with all the passwords and pins

and a panel which should act as a sheet that appears if i have 0 attempts left and ask to verify the code above to get more attempts its there to slow people down from trying to guess the 5 passwords

is doing something like that secure enough

this app is for me to use to secure my own data

my question is is it possible to find the string values for the passwords and if i put my passwords in the fields is it possible to finds them not using anything like nsuserdefaults so the data should stay in the app itself

user3789769
  • 11
  • 1

2 Answers2

1

Passwords should never be hard coded and maintained in the plain text format.

user1493834
  • 756
  • 4
  • 11
  • 25
0

Its never safe to store the passwords as it is even in database. A low level security for password authentication is storing md5() value of given input. Thats how most of the web sites work.

Of course there are lot of levels of securing the password but it all depends on how much the app is exposed to the outer world.

In your case I would ensure that the app is protected, and even if your application gets stolen(copied) it should not expose any crucial data. Reason for avoiding hard coding password in your class files is because binaries can be decompiled and there is a huge risk of exposing all of your passwords.

Simple alternative is to use Core Data to store all of your passwords in an encrypted manner. (works most of the times).

To make it more complex:

You might consider storing your passwords in encrypted format in a file located on a USB disk accessible only to you. That way you are creating two components without either your app would not function properly.

Community
  • 1
  • 1
GoodSp33d
  • 6,252
  • 4
  • 35
  • 67