I have created a password checker in c programming but it is not working can anyone please check it and say what is wrong in this.
#include<stdio.h>
#include<stdbool.h>
int main() {
int otp[4]; //array for storing the true password entered by user at first
int pto[4]; //array for storing password for login
int count = 4,i;
bool pass = true;
printf("enter a new password: ");
for (int i = 0; i < count; i ) {
scanf("%d", & otp[i]); //for storing the true password
}
printf("\n\n --- Login page --- ");
printf("\nenter your password : ");
for (i = 0; i < count; i ) {
scanf(" %d", & pto[i]); //asking for password for login
}
for (i = 0; i < count; i ) { //check for password
if (otp[i] == pto[i]) {
pass = true;
} else {
pass = false;
}
}
while (pass == false) { //if password is wrong
printf("\n---- password din't match ----\nenter your password again : ");
for (i = 0; i < count; i ) {
scanf(" %d", & pto[i]);
}
for (i = 0; i < count; i ) {
if (otp[i] == pto[i]) {
pass = true;
} else {
pass = false;
}
}
}
printf("\n Your password is correct!");
return 0;
}
And should I use int or char to store passwords,if i use int also that part works if char also it works but sometimes it wont work,
CodePudding user response:
This loop ultimately only cares if the last value in each array match or not.
for (i = 0; i < count; i ) {
if (otp[i] == pto[i]) {
pass = true;
} else {
pass = false;
}
}
For example, comparing { 1, 2, 3, 4 }
and { 4, 4, 4, 4 }
would result in pass
being true
after the loop, despite the obvious differences.
Instead, set the flag to false
, and break
from your loop as soon as a mismatch occurs.
bool matching = true;
for (size_t i = 0; i < length; i ) {
if (array_one[i] != array_two[i]) {
matching = false;
break;
}
}
If a mismatch never occurs, the flag will remain true
afterwards.
Usually passwords are text that is hashed (with a salt) before being stored. Password verification is done by comparing hashes. For example, take a look at the man 3 crypt
library function.
The use of a fixed-length series of plain integers for a 'password' is atypical, but for a toy program it is fine.
Here is an example program to study.
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#define KEY_LENGTH 4
void get_key(int *key, size_t length) {
for (size_t i = 0; i < length; i ) {
if (1 != scanf("%d", &key[i])) {
fprintf(stderr, "Could not read integer input.\n");
exit(EXIT_FAILURE);
}
}
}
bool match_key(int *one, int *two, size_t length) {
for (size_t i = 0; i < length; i )
if (one[i] != two[i])
return false;
return true;
}
int main(void) {
int key[KEY_LENGTH];
int user_key[KEY_LENGTH];
printf("Set the key (%d integers): ", KEY_LENGTH);
get_key(key, KEY_LENGTH);
puts("--- LOGIN ---");
while (1) {
printf("Enter the key (%d integers): ", KEY_LENGTH);
get_key(user_key, KEY_LENGTH);
if (match_key(key, user_key, KEY_LENGTH))
break;
puts("Key mismatch. Retrying...");
}
puts("Welcome to the system.");
}
CodePudding user response:
Since you didn’t specify your problem (besides “it’s not working”), I’ll do my best to list all the possible issues.
Reading integers
scanf("%d", & otp[i]);
Will read a single decimal integer into a position in otp
. If the password is 1024
, the first time through the loop (iteration) will read 1024
into otp[0]
. In the second iteration, scanf()
will wait until another number is available on standard input. Once it’s available, it will read it into otp[1]
, and so on. This scanf()
loop really reads in 4 different integers, separated by newlines. It would be much easier to do only one scanf()
for one integer, like this:
int main() {
int otp;
int pto;
bool pass = true;
printf("enter a new password: ");
scanf("%d", &otp);
You could also scan a 4-character string by using char
arrays:
int main() {
char otp[5]; //4 digits and 1 NUL-terminator
char pto[5];
bool pass = true;
printf("enter a new password: ");
scanf("%4s", otp);
Password-checking logic error
As @Oka explained, your checker has a logic error. If using an integer, you could simply check
if (opt == pto) {
//correct
} else {
//incorrect
}
If using a char
array (string), you could use
if (!strcmp(otp, pto)) {
//correct
} else {
//incorrect
}
You would have to #include <string.h>
for strcmp()
.
Standard output buffer
The “enter a new password: ” prompt is not printed until the stdout
buffer is flushed. This usually only happens when a newline is printed. You have to
fflush(stdout);
right after printing the prompt if you want it to appear.