In my application various functions are protected from being edited by a password, which the user must enter on a login form. There only exists one password common for all users of the application (very simple "user management" system).
The application is a Human Machine Interface (HMI) for controlling a machine. When I write "all users" it means: different shop floor people are allowed to operate the machine, but are not allowed to change settings. All these users are logged in with the same windows user (administrator).
The computer on which the application is running is not in a domain, and not even on a network.
When the user enters a password and presses a button "Login", the entered password is hashed and compared with a hashed password stored in the settings.settings file.
On the login form the user is able to change the password by entering first the existing/old password and then the new password. The new password is then hashed and stored in the settings.settings file (old password is overwritten).
At the very first start of the application after installation, the user is prompted to define a password (to be stored in the settings.settings file). This is done by the application checking if no (hashed) password is present in the settings.settings file. If the file contains an empty string -> prompt the user for defining a password.
The problem with this implementation is that anyone could "simply" reinstall my application, or just delete the user.config file, to reset the password.
A solution I have thought about would be to install the application with a default password in the settings.settings file, which a given user then had to know in order to change the password. The problem here is that this default password would very fast become well-known to a lot of users, and therefore would be just as insecure as no password at all.
My question is: how can I force the user to define a password at the very first startup, without making it too easy to just reset the password by e.g. reinstalling the application?
Any help and comments are appreciated.
Aucun commentaire:
Enregistrer un commentaire