Password Protection - Change Password?

Hi Folks,

on launched theApplication
	set thePassword to "tmobile"
	set theAnswer to text returned of (display dialog "Please enter the password..." buttons {"Cancel", "Proceed"} default answer "")
	if theAnswer is not equal to thePassword then
		--tell application "Finder"
		quit
		--end tell
	end if

This script protects the application with the password “tmobile” - has anybody an idea on how a logged in user
can change the password on his own?

it must be something like


set thePassword to password of text field of window "options"

thanks for your help…

Best Regards,

Stefan

set thePassword to the contents of text field "password" of window "options"

this works - ok - not really, because the values of the password file will not be recognised…

Best regards,

Stefan

What are you writing about? Password file?

if this is the system you are talking about, and not some random application, this will work:


property myExpect : "#!/usr/bin/expect 
spawn passwd [lindex \\$argv 0]
set password [lindex \\$argv 1]
expect \"password:\"
send \"\\$password\\r\"
expect \"password:\"
send \"\\$password\\r\"
expect eof"

set getUsers to (do shell script "/usr/bin/nireport / /users name uid | grep \"5[0-9][0-9]\"")

set howMany to number of paragraphs in getUsers
set theUsers to {missing value}
set i to 1
repeat while i ≤ howMany
	if i = 1 then
		set theUsers to word 1 of paragraph i of getUsers as list
	else
		set theUsers to (theUsers & word 1 of paragraph i of getUsers)
	end if
	set i to (i + 1)
end repeat

set myUser to (choose from list theUsers)

if myUser is not false then
	doPass(myUser)
end if

on doPass(myUser)
	set myPass to text returned of (display dialog "Please give the password you want to use" default answer "" with hidden answer)
	set myVerPass to text returned of (display dialog "Please give the password again to confirm" default answer "" with hidden answer)
	if myPass is myVerPass then
		do shell script "/bin/cat > /tmp/expectPass << EOF 
" & myExpect & "
EOF" with administrator privileges
		do shell script "/bin/chmod +x /tmp/expectPass" with administrator privileges
		do shell script "/tmp/expectPass " & myUser & space & myPass with administrator privileges
		
		do shell script "/bin/rm -rf /tmp/expectPass" with administrator privileges
		display dialog "User " & myUser & "'s password has been changed."
	else
		set tryAgain to button returned of (display dialog "The passwords do not match.  Please try again." buttons {"Ok", "Cancel"} default button "Ok")
		if tryAgain is "Ok" then
			doPass(myUser)
		end if
	end if
end doPass

cheers.

Hi Kel,

I am looking for the possibility to save a password dynamically in a file or within the application…

Hi Waltr,

thanks for your tool, but I am looking for a possibility to secure a random file…

Best Regards,

Stefan

hi stephan,

i found this link interesting:

http://aplawrence.com/Unixart/file_encryption.html

i think the pgp method might be better. you could easily use an AppleScript wrapper to, “make it pretty”.

cheers.

Hi Stefan,

You could use hashed passwords also. To create one use: something lilke:


do shell script "openssl passwd -crypt -salt sa mypassword"

→ result
“sayVb7E97UXnw”

where “sa” is random letters. Using crypt the salt is appended to the front. When the users enter passwords, you check if it is correct with something like this.


-- get password from user
display dialog "Enter password:" default answer ""
set user_p to text returned of result
-- get hashed password from file, user defaults, plist, whatever
set h to "sayVb7E97UXnw"
-- get salt
set s to text 1 thru 2 of h
-- check user entry
do shell script "openssl passwd -crypt -salt " & s & space & user_p
set user_h to result
if user_h = h then
	beep 3
	-- allow user to create a new password or continue
else
	beep 2
	-- let user try again or whatever
end if

If you’re using AppleScript Studio, then you can store it in user defaults. The of the script depends on your preference for ui.

See unix man page for ‘openssl’, ‘passwd’ for more options. You could also encrypt with openssl instead of using hashed passwords.

Edited: one important thing I should say is that you on’t want the application to save the passwords in variables. So, for somehting like the above script, you would declare the password variable as local.

local user_p

I don’t know if AS Studio saves variable values, but regular AppleScript does, In fact it might be better to change the value right after you’re done with it.

set user_p to “”

gl,