It's running locally. I'm trying to protect it against hackers hacking into my PC. For auto-login, I need to save my username and password and encrypt/decrypt it somehow. I just thought about this. I can encrypt them using a key generated by a hardware specific number (something from the network card) and then save them to a file. Then my ATS program calls an executable file that does the decryption and autologin. At least this'll make it harder to hack but probably not impossible. Edit: Actually, I don't think I need to save them in a file. I can put the encrypted username/password in the executable file. Then it decrypts them using the key of the network card. The only way to access them would be by reassembling the executable.
Thanks Tripack. I'm very familiar with your and other programs in that list. But I don't remember seeing any encryption methods in your auto-login code.
You are correct. No I haven't seen any mention of encryption on the TWSAPI list either. In fact I'd have to say that as far as encryption is concerned I know virtually nothing and after a quick search of that list don't see anything that could help you in this matter. Sorry not to be of more help. I just checked and it looks like you use VB.NET so I did a quick search on www.codehound.com for "encryption" the first article has some good basic "how to" information with regards to encryption along with some samples. The sample shows how to save the encrypted text in a separate data file. http://www.vbexplorer.com/VBExplorer/library/encrypt.htm
just21, Thanks for the suggestion. I'm aware of TWSStart but I'm trying to do this from my own program. tripack, That's a good start. There are some advanced algorithms for deeper encryption. I need to think about this more to be able do it as hacker proof as possible.
Do you mean encrytion or ofuscation? Encryption needs the key to decrypt the encrypted password. It's not good idea to leave your key on your computer if you're concerned with the hacking your PC. You would be better off by just hiding your password in your program using a little trick like base64 encoding or any other encoding scheme to make it harder for casual user to peek your password. If you can use your NIC MAC ID to generate hash to encrypt the password by a separate program that will not reside on your computer. Then your ATS program can recover the hash from the MAC ID and decrypt the password (SOMEHOW, not sure how you can do it), then you get a nice protection. The hacker will need your MAC ID to crack the password. But the weak point is still that if a hacker gains access to your PC, he/she has access to your MAC ID, therefore, you're back to square one The better approach would be to protect your PC from hacking instead trying to make each individual program from being hacked.
I guess I mean both of them. You're right a persistant hacker might figure out what's going on but if I use what I described it won't be very straightforward. I'm using a software firewall but I'll also get a router soon.
Yeah. I didnt think that out. It would start tws but wouldnt be able to fill in the blanks. I use macro express which does a good job. p.s. If you use ensign or another package that will auto login to tws then the scheduler would work by simply starting the package.