• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1265
  • Last Modified:

Lotus Notes password encyption algorithm

Hi,
i am looking for Lotus Notes password encyption algorithm. Does anyone has it?

Thanks,
Koray.

My aim is : In a .Net web site the user enters his password, i have to encrypt it and compare it to the encrypted password of the user in the Notes Address Book.
0
koray_uygun
Asked:
koray_uygun
  • 4
  • 3
  • 2
  • +2
1 Solution
 
ArunkumarCommented:
haa haa haa !!! If you can do it then Lotus Notes is out of the market...

:-)
Arun.
0
 
CRAKCommented:
....and with Notes out of the market, we'd be unemployed, right Arun?
0
 
GunsenCommented:
Why dont you try doing a LDAP bind to the domino-server, with users .net password (in cleartext) and see if it fails...?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ArunkumarCommented:
Right CRAK !
0
 
ZvonkoSystems architectCommented:
Hello Koray,

let the guys laugh.

Do it simply by pushing the password entered by web user trough @Password function and compare then to the InternetPassword field in users Person document.

Like this:

PwdEntered = Evaluate(|@Password("| & doc.OldPassword(0) & |")|)

if (PwdEnetered = PersDoc.InternetPassword(0)) then
...

0
 
koray_uygunAuthor Commented:
Sorry Zvonko, but i cannot use @password because the user will enter his password in a .Net web site. Anyway Arunkumar i don't see why Lotus's encryption algorithm is confidential because anyway an encrypted password cannot be decrypted because, for exemple, if an "a" is transformed in an "e" and also is an "r", it is impossible. But if you all don't have this algorithm, no one else will ;-)
0
 
ZvonkoSystems architectCommented:
You did not see what I mean.
Let us say your web user enters the password in a web page into field named OldPassword and submit to Domino.
Then does the WebQuerySave agent or another action or button agent check for the correct password.
The password encryption is only one-way process. One-way mean you can only encrypt a password and compare with an already encrypted. You never can decrypt a encrypted password to its original form.
But even this encryption algorithm is secret for Notes passwords. I have seen companies telling you sell you a exe which can do the same so you can do this decryption with a brute force method and compare every computed encryption with the resulting encryption. For a eight character password allowing reduced character set you need several days to find a match.
So you can say: it is NOT possible.

0
 
ArunkumarCommented:
Points to ME bro !

:-)
0
 
GunsenCommented:
A compare is not possible.

But as i said, a LDAP logon (bind) to the domino-server should still be able to verify the password !

Set OpenDS = GetObject("LDAP:")
Set x = OpenDS.OpenDSObject("LDAP://" & UaserName & "/o=" & Organisation, CurrentPassword, 0)
0
 
GunsenCommented:
Sorry:
Set OpenDS = GetObject("LDAP://" & Server)
Set x = OpenDS.OpenDSObject("LDAP://cn=" & UserName & "/o=" & Organisation, CurrentPassword, 0)
0
 
koray_uygunAuthor Commented:
I'll make myself more clear. There was a Domino web site where users had to login with their login and internet password. We want to migrate to .Net but dont want the users to reenter their passwors in the new platform, we want to take their encrypted password from the PAB and put them in a relational database. Then we want to get rid of Lotus Notes. If it was possible to have the encryption algorithm we could compare the entered password to the encrypted one using the algorithm.
So i think Arunkumar will get the points if someone has to get them.

Thank you all for your help.
0
 
ArunkumarCommented:
No problem Koray ! I would love to bag these kinda points though...

:-)
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now