ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE. Software > Finished Programs

DONE: create a stand alone app that implements oplop

(1/3) > >>

This was accidently posted under the "Coding Snack Guidelines" area and not the "Post New Requests Here", (can someone delete the post located at - thanks.)
There are various implementations of oplop (, but I am looking for a Windows based one, if possible done in AutoIT.

Some ideas that I would like to see, and I know this then makes the request outside of the canon for oplop:
select the length of the created password hash, with 8 being the least accepted length

Current canon states "Oplop also makes sure there is at least one digit and one letter in every unique account password in case a web site requires that sort of thing."
I would like to have a check box that allow the inclusion of special character from a predefined listing.  It could as simple as allow a ampersand (or char of the user's chosing), Yes / No?

Technical Details (
Oplop is a password hashing algorithm. The steps it takes to generate an account password is:
1.Concatenate the master password with the nickname (in that order!).
2.Generate the MD5 hash of the concatenated string.
3.Convert the MD5 hash to URL-safe Base64.
4.See if there are any digits in the first 8 characters. If no digits are found ...
  1.Search for the first uninterrupted substring of digits.
  2.If a substring of digits is found, prepend them to the Base64 string.
  3.If no substring is found, prepend a 1.
5.Use the first 8 characters as the account password.

Seems like a great idea to me.  Would make a great NANY 2013 entry too.

I gave this an attempt but my results did not match what the author's website implementation produced.  For example, the author states that a nickname of "Amazon" and a master password of "secret password" should result in "sar4_zIs" as the generated password.  However, after following the rules on the author's page, this is what I get:

Concatenated string: Amazonsecret password
MD5 hash of the concatenated string: fe6b656b873349bcc7f69509d0ca5d79
Base64 hash of the MD5 hash: ZmU2YjY1NmI4NzMzNDliY2M3ZjY5NTA5ZDBjYTVkNzk=

The next set of rules only applies if there isn't a number within the first eight characters so, in this case, one exists and we should take the first eight characters for the final password: ZmU2YjY1  You can see that this isn't even close to what it's supposed to be: sar4_zIs

It could be that the Base64 function I'm using isn't URL-safe but I can't see how it would make that much difference.  Maybe it would...

if possible done in AutoIT.
-helmar (November 29, 2012, 07:21 AM)
--- End quote ---
Why is that a requirement?

if possible done in AutoIT.
-helmar (November 29, 2012, 07:21 AM)
--- End quote ---
Why is that a requirement?
-Ath (November 29, 2012, 01:52 PM)
--- End quote ---

I suppose the OP could be familiar with AutoIT and would like to study the source if the app was written in it.   :)


[0] Message Index

[#] Next page

Go to full version