Hi All,
Just a quick one. Is there a way to increase the length and add case sensitivity on the password on 3.30? I need to use this since I'll be heavily using ActiveHTML so I can't upgrade to MBBS v10.
Any ideas will be good.
Password length
Re: Password length
Hi,
Out of the box no, they are not configurable. There have been third party approaches to doing this, I believe Dan Spain has/had an option for two factor authentication at some point - might be worth sending him a PM or seeing if he replies here.
Out of the box no, they are not configurable. There have been third party approaches to doing this, I believe Dan Spain has/had an option for two factor authentication at some point - might be worth sending him a PM or seeing if he replies here.
-- Duckula
// Site admin
// Galacticomm IP owner
// Site admin
// Galacticomm IP owner
-
daniel_spain
- Posts: 428
- Joined: Sun Aug 09, 2020 2:39 am
Re: Password length
hdt wrote:
> Hi All,
>
> Just a quick one. Is there a way to increase the length and add case
> sensitivity on the password on 3.30? I need to use this since I'll be
> heavily using ActiveHTML so I can't upgrade to MBBS v10.
>
> Any ideas will be good.
so few ways you could implement this....... first to increase password size you could need to modify the file USTRUCTS.H and change the constant PSWSIZ from 10 to whatever you wanted.
secondly for case sensitivity you want to edit majorbbs.c and find the function dftpsw which will look like this:
[code]
INT /* returns 1=ok, 0=bad password */
dftpsw( /* check password */
CHAR *psword) /* proposed password */
{
if (sameas(psword,usaptr->psword)) {
shochl(usaptr->userid,'',baudat(usrptr->baud,0));
updcal();
return(1);
}
else {
return(0);
}
}
[/code]
and you want to change "if(sameas(psword,usaptr->psword))" to "if(strcmp(psword,usaptr->psword)==0)"
the galacticomm library function "sameas" ignores case whereas the C library function strcmp looks for an exact match.
so if you increased the ustructs.h constant PSWSIZ to say 65 (that is with trailing zero so that would be 64 characters max)
and the password was "3EgVVVekpouy!%f" it would have to be typed exactly like that.
another thing you can do is also modify majorbbs.c and add a 3rd factor after password verification to either say a text message or email address
and could throw em to another prompt while awaiting for the correct answer and you can ever set up an addition to the function "inirel" which
controls the idle channel disconnect stuff and add in a feature to accept the input within X seconds ot they get disconnected and can even
do some security stuff to alert the sysop, ban the account, suspend the account, etc......
> Hi All,
>
> Just a quick one. Is there a way to increase the length and add case
> sensitivity on the password on 3.30? I need to use this since I'll be
> heavily using ActiveHTML so I can't upgrade to MBBS v10.
>
> Any ideas will be good.
so few ways you could implement this....... first to increase password size you could need to modify the file USTRUCTS.H and change the constant PSWSIZ from 10 to whatever you wanted.
secondly for case sensitivity you want to edit majorbbs.c and find the function dftpsw which will look like this:
[code]
INT /* returns 1=ok, 0=bad password */
dftpsw( /* check password */
CHAR *psword) /* proposed password */
{
if (sameas(psword,usaptr->psword)) {
shochl(usaptr->userid,'',baudat(usrptr->baud,0));
updcal();
return(1);
}
else {
return(0);
}
}
[/code]
and you want to change "if(sameas(psword,usaptr->psword))" to "if(strcmp(psword,usaptr->psword)==0)"
the galacticomm library function "sameas" ignores case whereas the C library function strcmp looks for an exact match.
so if you increased the ustructs.h constant PSWSIZ to say 65 (that is with trailing zero so that would be 64 characters max)
and the password was "3EgVVVekpouy!%f" it would have to be typed exactly like that.
another thing you can do is also modify majorbbs.c and add a 3rd factor after password verification to either say a text message or email address
and could throw em to another prompt while awaiting for the correct answer and you can ever set up an addition to the function "inirel" which
controls the idle channel disconnect stuff and add in a feature to accept the input within X seconds ot they get disconnected and can even
do some security stuff to alert the sysop, ban the account, suspend the account, etc......