Copyright 2024 - BV TallVision IT

Password matters

In case you need to store sensitive information such as access codes or passwords, you can build you're own encryption routines, or use a ready-available one in the form of a C-routine. 

Password encryption

The C-routine will scramble your code into something that is very hard to decipher. This code can then be stored in a transparent table. When a password needs to be checked, all you need to do is pass it through the same scrambling routine, and compare the outcome to what was stored on the transparent table. 

  data: lv_scramble_this type FTP_PASSWD value 'Password1969',
        lv_scrambled type FTP_PASSWD,
        lv_DSTLEN TYPE I,
        lv_KEY TYPE I VALUE 21104557.

   DESCRIBE FIELD lv_scramble_this 
     LENGTH lv_DSTLEN in character mode.
   
   CALL 'AB_RFC_X_SCRAMBLE_STRING'
   ID 'SOURCE'      FIELD lv_scramble_this
   ID 'KEY'         FIELD lv_KEY
   ID 'SCR'         FIELD 'X'
   ID 'DESTINATION' FIELD lv_scrambled
   ID 'DSTLEN'      FIELD lv_DSTLEN.

  write: / lv_scramble_this.
  write: / lv_scrambled.

 The outcome of the above will be something like: 

Password1969
29F52E5DAC42FC47DA58B139

Encrypt - decrypt ?

So there is a C-routine that does serious encrypting, but how can the password be decrypted or how can the encryption be indone ? Is there another C-routine that can reverse the process ? Nope there isn't. An you don't need one: when a password from the end user is checked, simply encrypt it again and check the encrypted outcome to the encrypted outcome you had already stored. Solves another serious issue: where to store passwords ? If they are stored in encrypted form, they don't have to be hidden away.

Add a security level to your password encryption by adding the user name to the password, or even mixing the 2 strings into one. Or switch every 1st and 2nd character - resulting in a password that can't be "guessed".

Let your end user enter a password

I'm sure you've seen applications where a password is typed and made invisible even to the person who is typing, with a "blind field" or "invisible field". Here's how that works in Abap: First define your field as in this example PA_PASS. Then adust the settings for the field - making it invisible:

PARAMETERS: PA_PASS(20) TYPE C. 

AT SELECTION-SCREEN OUTPUT.

  LOOP AT SCREEN.
    IF screen-name = 'PA_PASS'.
      screen-invisible = 1.
      MODIFY SCREEN.
    ENDIF.
  ENDLOOP.

And there you go - a blindfolded entry field.

Home   AbapcadabrA cookies   Password matters