Re: [flexcoders] Re: Local storage of password

On Wednesday 05 Dec 2007, rmarples wrote: SharedObject because it's not sensitive, but for the password the salesforce.com security requirements are such that you can only store local passwords if you encrypt them SharedObject is encrypted, to all intents and purposes. requirement just

Re: [flexcoders] Re: Local storage of password

- Original Message - From: Jeffry Houser [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Wednesday, December 05, 2007 2:22 PM Subject: Re: [flexcoders] Re: Local storage of password That'd be too easy. He stated that he needs to prevent the user from re-entering the password

RE: [flexcoders] Re: Local storage of password

, December 04, 2007 5:39 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Local storage of password Hi Jeff - Thanks for the response. By the way, great podcast :) I will look into the encryption libraries that both you and William mentioned but I'm wondering how they handle the encryption

Re: [flexcoders] Re: Local storage of password

That'd be too easy. He stated that he needs to prevent the user from re-entering the password upon their next use of the application. Tom Chiverton wrote: On Tuesday 04 Dec 2007, rmarples wrote: requirement that I can't store the encryption key in the source code as a string literal. I'm

Re: [flexcoders] Re: Local storage of password

@yahoogroups.com Sent: Wednesday, December 05, 2007 4:40 PM Subject: Re: [flexcoders] Re: Local storage of password I think that's a simple (yet elegant) solution. I wish I thought of it. Paul Andrews wrote: - Original Message - From: Jeffry Houser [EMAIL PROTECTED] To: flexcoders

[flexcoders] Re: Local storage of password

: Wednesday, December 05, 2007 2:31 AM Subject: Re: SPAM-LOW: [flexcoders] Re: Local storage of password ( Thanks for listening; glad you enjoy ) You are working on an application with very odd security requirements. I almost think you'd be better off with a completely open web

Re: [flexcoders] Re: Local storage of password

I think that's a simple (yet elegant) solution. I wish I thought of it. Paul Andrews wrote: - Original Message - From: Jeffry Houser [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Wednesday, December 05, 2007 2:22 PM Subject: Re: [flexcoders] Re: Local storage

RE: [flexcoders] Re: Local storage of password

That'd be too easy. He stated that he needs to prevent the user from re-entering the password upon their next use of the application. So compare hashes again... ? Tom Please note, as of 10th December 2007 the registered office address

Re: [flexcoders] Re: Local storage of password

- Original Message - From: rmarples [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Wednesday, December 05, 2007 11:30 PM Subject: [flexcoders] Re: Local storage of password Well the thing about this application is, I don't own the server. I'm using a 3rd party Internet web

Re: [flexcoders] Re: Local storage of password

On Tuesday 04 Dec 2007, rmarples wrote: requirement that I can't store the encryption key in the source code as a string literal. I'm wondering if you or anybody else has ideas on how to handle this? Sorry to jump in mid-thread, but if you just need to check a password is the same as one

[flexcoders] Re: Local storage of password

Tracy - Isn't MD5 a hashing algorithm? Meaning I can only encrypt, not decrypt? I don't think this would work for this scenario would it? Ryan --- In flexcoders@yahoogroups.com, Tracy Spratt [EMAIL PROTECTED] wrote: There is an MD5 library available for AS3 that I have used. Tracy

[flexcoders] Re: Local storage of password

I believe this was posted last week, but it is a great library and bears repeating: http://as3crypto.riaforge.org/ -- William --- In flexcoders@yahoogroups.com, rmarples [EMAIL PROTECTED] wrote: I have a requirement to take credentials used for an external web service and cache them locally

Re: [flexcoders] Re: Local storage of password

Yes, MD5 is a hashing algorithm and it is unlikely you'd be able to take a hash and get the original text (in a timely / efficient manner). There are a few AS3 encryption projects. ASCrypt3: ascrypt3.riaforge.com and Crypto http://crypto.hurlant.com/ Both of them have 2-way encryption

Re: [flexcoders] Re: Local storage of password

Is this a Flex app on a web page? I am not sure about an AIR project but with Flex and webservices, you still have the benefit of cookies and sessions. I am working a project that uses a standard web page login that gets the user logged in and the session started. After that it moves to the

[flexcoders] Re: Local storage of password

Hi Jeff - Thanks for the response. By the way, great podcast :) I will look into the encryption libraries that both you and William mentioned but I'm wondering how they handle the encryption key. I have a requirement that I can't store the encryption key in the source code as a string

Re: SPAM-LOW: [flexcoders] Re: Local storage of password

( Thanks for listening; glad you enjoy ) You are working on an application with very odd security requirements. I almost think you'd be better off with a completely open web service. You might store the encryption key in a database or server side / non web accessible XML and use some

Re: SPAM-LOW: [flexcoders] Re: Local storage of password

the password! Paul - Original Message - From: Jeffry Houser [EMAIL PROTECTED] To: flexcoders@yahoogroups.com Sent: Wednesday, December 05, 2007 2:31 AM Subject: Re: SPAM-LOW: [flexcoders] Re: Local storage of password ( Thanks for listening; glad you enjoy ) You are working