PASSWORD utility RP AUTOMATION INC DEC 1988

Preliminary Documentation

1.0 Introduction

This set of programs provides a mechanism for adding security

to VAL II user programs by forcing users to input the correct

PASSWORD before the user program will be executed.

2.0 Subroutine Description

The following subroutines are provided in this package:

Name Description

rp..change.password This program allows the user to

change the current password to

a new ASCII string.

rp..password.chk This program allows a mechanism

for the user programs to prompt

for the correct PASSWORD. The

result is returned back to the

calling subroutine.

rp..get.string These programs are not to be

rp..get.string.upper.noecho executed by the user. They are

rp..set.password used internally by the other

programs.

3.0 Software Installation

The software is installed using the following procedure:

1) The VAL II user programs that are to be secured must

already be in memory.

2) Load the RP._PASSWORD.V2 file from floppy. This is

done by typing:

LOAD RP._PASSWORD.V2

3) Edit the VAL II user programs which are to check for

a PASSWORD so that the "rp..password.chk" routine is

CALL'ed, and the proper check is made after this

subroutine returns. The typical coding sequence for

this is:

CALL rp..password.chk

FOR i = 0 TO 9

IF uti.dat1[i] <> -1 THEN

TYPE "Illegal PASSWORD entered", /B

HALT

END

END

<continue executing program>

This sequence of instructions can be used in different

places throughout the user programs, based on which parts

of the system need the security and which do not.

4.0 Variable names used

The following list of real variable names are used within this

set of programs:

rp..bad.entry rp..curr rp..curr1

rp..dat1[] rp..data[] rp..get.i

rp..i rp..inbuf[] rp..j

rp..k rp..tmp

These names are reserved and should not be used by the user.

5.0 Other considerations

1) Since the algorithm used for the encrypting of the

PASSWORD information is not public knowledge, these

programs have been made into Unimation (SYSTEM) programs.

This means that they cannot be edited, listed on the

CRT screen, or stored to a floppy diskette. It is

suggested that for the system to be more secure, the

VAL II user programs be converted to (SYSTEM) programs

as well.

2) The PASSWORD can be up to 10 characters long, but can

also be less characters. Control characters are not

allowed. Backspaces and DELs work as normal (deleting

the previously typed character) and cannot be part of

the actual PASSWORD.

3) The PASSWORD is not case sensitive (I.E. typing in

lowercase is equivalent to uppercase).

4) The PASSWORD with all original disks is: "RP. IS #1".

5) In order to save a changed PASSWORD, a file should

be saved which includes the .REALS. This file should

be LOAD'd after the RP._PASSWORD.V2 file is LOAD'd.

The .REALS can be saved by typing:

RSTORE NEW_PASSWORD.RV = RP..CHANGE.PASSWORD

The sequence for LOAD'ing in the PASSWORD information

again is:

LOAD RP._PASSWORD.V2

LOAD NEW_PASSWORD.RV

6.0 Messages

"Someone failed at changing password - RELOAD REQUIRED"

This message could be seen when EXECUTE'ing the

"rp..change.password" program. It signifies that

this program was EXECUTE'd before, and an incorrect

PASSWORD was given for the "old PASSWORD" prompt.

This file needs to be reloaded in order to work

correctly again.