[AccessD] Unlock/Unprotect VBA Project

Stuart McLachlan stuart at lexacorp.com.pg
Sat Jun 2 17:12:25 CDT 2018 

To put it into simple terms.  A Hash is a mapping of arbitrary data to a fixed string of bits.

In its simplest form it is just a "checksum" like the last digit or a credit card number of freight 
container number.  In those cases a simple calculation based on the preceding digits results 
in a single digit which is appended to the number.  That means that your can do the 
calcuation when someone enters a number and in  9 out of ten cases of a miss-entered 
number, it will flag the error.

Modern cryptographic hashes are more complex and use algorithms that compute  a much 
larger checksum.  (256 or more bits) so that there is a much smaller chance of any two initial 
values will end up with the same hash value. There is always a chance of collision since you 
are effectively mapping an infinite number of different strings to a fixed number of hashes - 
but with 256, 512 etc bits in the hash, the chances are vanishngly small.

Cryptographic hashes have another couple of atributes:
1. A small change in the initial string results in large changes in the hash value
2. It is very difficult to reverse engineer the hash to come up with any arbitrary string that 
hashes to that value.

The end result is that you can store the hash of a password, a message, a file or whatever 
and even if someone gets their hands on the hash, they can't  generate another password, 
message of file that matches that hash, but if  someone has the original password, message 
of file, it is easy to validate it by re-hashing it and comparing the result to the stored hash.

So - if you store passwords in your database and someone hacks it, they have the password 
and can log in with it.

If you store a hash of the password, the hacker gains nothing by acquiring the hash - they 
can't use it to log in.  Only someone with the actual password that hashes to that value can 
log in.


On 2 Jun 2018 at 16:20, Bill Benson wrote:

> I just wish I understood better what this does, how to incorporate it
> into my applications. I'll just have to study the links. The whole
> notion of hashes has eluded me every time I have tried to understand
> it. Just a severe mental block. I am probably not a serious computer
> programmer, just a power user of Excel who learned to write macros in
> his spare time. Encryption, hashes, etc just never got through to me
> because I didn't get into "hacking" early in life mayne.
>

More information about the AccessD mailing list