Jump to content

MS Access Form Field VBA Hashing

Florb

Hey,

 

Currently working on a project which includes the use of MS Access (Just don't bother asking why I didn't use SQL Server :P). Anyone have any ideas on how to implement this text one way hash code into a form field?

Public Function Encrypt(strIn As String, lngKEY as long) As String     Dim strChr As String     Dim i As Integer     For i = 1 To Len(strIn)          strChr = strChr & CStr(Asc(Mid(strIn, i, 1)) Xor lngKEY)     Next i          Encrypt = strChrEnd Function

Thanks!

 

Florb

Edited by Blade of Grass
Added code tags

CPU: Intel Core i7 5960X @4GHz cooled by a Corsair H110i GT | MBO: Asus X99 Sabertooth | RAM: Crucial Ballistix Sport 32GB DDR4 (4x8GB 2400MHz) | GPU: Gigabyte G1 Gaming GTX 980 | SSD: Samsung SM951 M.2 SSD | HDD: 1TB Western Digital Black Drive | PSU: Corsair HX750i | Case: Corsair Obsidian 450D 

Link to comment
Share on other sites

Link to post
Share on other sites

The code above is not a hashing function (because it is not one way). The 'lngKEY' key can be found by simply XORing any known characters in the password with the 'hashed' character. For example

Char: 10110111Key:  11101011XOR:  01011100 Security VulnerabilityXOR:  01011100 (gotten from, say, the database)Char: 10110111 (gotten from Letter Frequency Analysis)Key:  11101011 (gotten by XORing the top and middle)

The password can now be "decrypted" by XORing it with the found key. This might not seem like a big deal because you have to know the value of one character in the password, but it really is a huge vulnerability that breaks this algorithm. This type of encryption can be broken quite quickly using Letter Frequency Analysis because XORing characters is basically a Cesar shift. 

 

I highly suggest using one of the pre-made industry standard algorithms, like bcrypt or scrypt, to hash your passwords. 

15" MBP TB

AMD 5800X | Gigabyte Aorus Master | EVGA 2060 KO Ultra | Define 7 || Blade Server: Intel 3570k | GD65 | Corsair C70 | 13TB

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×