rudimentary password protect

I have a couple scripts I use extensively at work that I want to prevent my boss from stealing (I wrote them on my own time, and he never paid me for the last script I did for him a year ago). He really doesn’t know anything about the workings of applescript, so it doesn’t need to be overly complex or even secure, just enough that it kicks anyone out who doesn’t have the correct password to run it. I’ll save the editable version to my flash drive and a run-only copy will replace what I use every day. What’s the best way to do this?

This works well enough for my purposes.

set {text returned:returnedTXT} to (display dialog "password question" default answer "" buttons {"OK"} default button 1)
if returnedTXT is not "password answer" then
end if

From Standard Additions dictionary:

Now he can peek over your shoulder, to no avail :slight_smile:

For more security with minor difference is that you can save an md5 hash. Even if we’re not talking about programmers every person who is a bit handy with an hex editor can resolve static text from every application including your password. When the static text is an md5 hash it is still difficult for him to resolve the real password if your password cannot be found in a md5 hash table online.

something like this

set theHash to "ed076287532e86365e841e92bfc50d8c" --Hello World!

set x to display dialog "Please enter your password to continue" default answer "" buttons {"OK"} default button 1 with hidden answer

set a to do shell script "md5 -q -s " & quoted form of text returned of x

if a is not theHash then --is a case sensitive comparison
	return false
end if

return true

Here’s my big version:
NOTE: This is a folder actions script, just attach it to a new folder you made and put all your scripts in there

on opening folder This_Folder
	tell application "Finder"
		set dialogresult to display dialog "Please enter your password to access this folder." buttons {"Accept"} default button 1 default answer "" with title "Script Security" with hidden answer
		set PWText to the text returned of dialogresult
		if PWText = "YOUR-PASS-HERE" then
			display dialog "Access Granted" buttons {"Ok"} default button 1
			close folder This_Folder
			beep 3
			set volume 1
			tell application "iCal"
				tell calendar "Accesses" -- MAKE SURE TO MAKE YOUR OWN ACCESSES CALENDAR
					set theCurrentDate to current date
					make new event at end with properties {description:"User attempted to access script folder, and was stopped and logged out.", summary:"Security Breach", location:"Macbook", start date:theCurrentDate, end date:theCurrentDate + 0 * minutes}
				end tell
			end tell
			display dialog "The password entered is incorrect
			You will be auto-logged out in ten seconds." buttons {"Log out now"} default button 1 giving up after 10
			tell application "System Events" to set the visible of every process to true
			tell application "System Events" to set theApps to (name of every process whose visible is true and name is not "Finder" and name is not (my name as text))
			repeat with theApp in theApps
				tell application theApp to quit
			end repeat
			tell application "System Events" to log out
			delay 1
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
			keystroke return
		end if
	end tell
end opening folder

It’ll log him out too so if the way he gets on is when you leave for a minute, then he cant get back on (he doesnt know your login pass). Also, it writes an event inside your calendar “Accesses” an event at this time saying someone tried and failed to access the folder. If it doesnt work (any bugs) just tell me! Please PM me saying you posted too, its hard to go back through all the posts :slight_smile: Thanks


With the section of your script that logs out, what happens if the application has unsaved documents?

What if the boss is using the Terminal?

So there are two ways of securing such thing, in code itself or bsd file permissions. I would say abrupt the code when the user presses the wrong password. Also make an expiration date of you script. The expiration date is needed when someone fooled you and has your password, he can only use your script for a short time, then it’s your turn again.

On the other hand I would say that a boss has in most cases the last word. I mean some people think they have won but you only end up with no job or a boss that makes your job less pleasant. So my question is, how far would you go and can you go?

I guess you could figure out a way to tell them to save, not sure how you’d do that… Hmm…