Ian Bicking: the old part of his blog


It might make it a bit more secure if you put the random chars at the begining instead of at the end.

But I think for any real security, one should use a proven algorythm.

I like this though because its light weight and would provide enough security as needed non widespread use, certain situations.

I tried to make one similar myself for storing passwords in inifiles, but I couldn't make it as secure as I wanted, so I just stored them xored with the repeating username then base64 encoded. (Oh no now my secrets out!)

No flames for the above insecure algorythm please, its just a step up from plain text It's just to protect against nosey pc repair guys. Even if they get the password, they have to build a twisted PB program to use it, and as soon as they do we'll know and change it.

Now that I've shared this info, I think I'll have to start using blowfish or something!. I think I'll use the hash of the username appended with a hardcoded key.

Thanks for sharing your algorythm.
Comment on Homebrew encryption
by Matthew Sherborne