[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Passwords

To: info-mcl
Subject: Re: Passwords
From: danny@farallon.com (Danny Brewer)
Date: 8 Jul 92 14:10:50 GMT
Followup-to: comp.lang.lisp.mcl
Newsgroups: comp.lang.lisp.mcl
Organization: Farallon Computing, Inc.
References: <9207072158.AA07267@aristotle.ils.nwu.edu>
Sender: news@farallonfarallon.com

In article <9207072158.AA07267@aristotle.ils.nwu.edu>, lynch@ils.nwu.edu
wrote:
> 
> enclosed is a set of files that will do this for you.
> 
> It is not bulletproof in terms of seeing the characters...if you're eyes
> are fast enough you can see the characters go by as you type...
>
>  [...then some lisp code containing the following comments...]
>
> View-click-event-handler is disabled entirely.
> 
> If I was a real hacker, I'd fix these by:
> Making my own special font to map all characters to the same graphic
> and loading it into the system whenever this was loaded, or
> Temporarily altering _DrawChar to always draw the same character.
> Get the source code for view-key-event-handler and
> view-click-event-handler and duplicating them with one small change.

I've implemented password edit fields before using MPW Pascal for
some of the commercial Mac products I work on (Timbuktu and
Timbuktu/Remote).  [Sorry I've never needed to do this in Lisp,
so I don't have any code to provide.]

Use two edit text views.  One is visible which the user can type
and click in, and the other view is somehow invisible.  The
invisible edit field has the real text in it.  The visible one
has bullets (or blobs).

Everytime the user _releases_ the mouse in the edit field, you need
to cause the invisible field to have the same characters selected.

Everytime the user types a keystroke into the edit field, you need
to intercept it and send it to the real edit field so that its
complete effect happens, but is invisible.  Next, if the keystroke
was a printable character (I test for this by checking for TAB,
RETURN, ENTER, BACKSPACE, etc.) send a bullet character to the
visible field.

The net effect is that if the user backspaces or deletes or edits
the password field, all of those edits happen in parallel to the
invislble field which contains the actual text.  Since the real
characters are never present -- not even briefly -- in the visible
text field, there is no opportunity to see them as they are being
typed (which can happen on a very slow mac, or if a GC were to
happen at a bad time).

Danny Brewer
danny@farallon.com

References:
- Re: Passwords
  - From: lynch@ils.nwu.edu

Prev by Date: Newton developers... 3rd party
Next by Date: Re: emacs for mac
Previous by thread: Re: Passwords
Next by thread: Passwords
Index(es):
- Date
- Thread