Simple but strong password encryption

There are many instances where people want to use passwords to protect access to objects through applications but, out of ignorance or laziness, simply store the password in the clear. Since it is (regrettably) very common for people to use the same password for multiple locations, someone who gets those passwords may be able to access many other locations. The code I have posted here is based on the SHA-2 hashes, considered very strong one-way encryption algorithms. I encapsulated the SHA-2 algorithms in a C++ class and then encapsulated that class in a password file class for ease of use.

I hope that people find this useful and will make their sites more robust by making it impractical to retrieve the user’s password from their password file.

This is a zipped-up directory containing the relevant source code with an example program, a Visual C++ 6/7 project, and a makefile that I have used successfully on Solaris and Linux. I updated this code to use my implementation of SHA2 on November 22, 2004 (see here for details). You can now select your password hash to be 160, 224, 256, 384 or 512 bits.

This software comes with no warranty of any sort; use at your own risk!
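
The idea described above, a password file that keeps only a hash of each password with a selectable digest width, shown as an added Python example that is not the author's C++ code. The `user:bits:salt:digest` line format, the function names and the per-user random salt are assumptions of this example (the page describes neither a file layout nor a salt), and only the four SHA-2 widths from the list are covered.

```python
import hashlib
import hmac
import os

# SHA-2 digest widths in bits -> hashlib names (mapping assumed for this example).
ALGOS = {224: "sha224", 256: "sha256", 384: "sha384", 512: "sha512"}


def _digest(bits, salt, password):
    """Hash salt || password with the SHA-2 variant of the given width."""
    if bits not in ALGOS:
        raise ValueError(f"unsupported digest width: {bits}")
    return hashlib.new(ALGOS[bits], salt + password.encode("utf-8")).hexdigest()


def make_entry(user, password, bits=256, salt=None):
    """Return one password-file line: user:bits:salt_hex:digest_hex."""
    if ":" in user or "\n" in user:
        raise ValueError("user name may not contain ':' or a newline")
    # A fresh random salt makes equal passwords produce different entries.
    salt = os.urandom(16) if salt is None else salt
    return f"{user}:{bits}:{salt.hex()}:{_digest(bits, salt, password)}"


def verify(file_text, user, password):
    """Check a login attempt against the text of a password file."""
    for line in file_text.splitlines():
        fields = line.split(":")
        if len(fields) != 4 or fields[0] != user:
            continue  # malformed line or a different user
        try:
            candidate = _digest(int(fields[1]), bytes.fromhex(fields[2]), password)
        except ValueError:
            return False  # unknown width or bad hex: entry is unusable
        # Constant-time comparison of the two hex digests.
        return hmac.compare_digest(candidate.encode(), fields[3].lower().encode())
    return False


# Constructed sample file: two users who chose the same password.
SAMPLE_FILE = "\n".join([
    make_entry("alice", "correct horse", bits=256),
    make_entry("bob", "correct horse", bits=512),
])
```

Neither line of `SAMPLE_FILE` contains the password, and the two entries differ even though the passwords are identical.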