TEncryptedIniFile: easy to use class for handling app settings with encryption in Delphi – TMS Software Blog
Posted by jpluimers on 2017/10/17
[WayBack] TMS Software | Blog | TEncryptedIniFile: easy to use class for handling app settings with encryption
via: [WayBack] A new blog has been posted:TEncryptedIniFile: easy to use class for handling app settings with encryption – Michael Thuma – Google+
I wonder how that works with encryption algorithms based on thin Delphi wrappers around proven open source encryption libraries.
–jeroen
PS: Note the G+ link died. Not sure why, but that’s why I archived the original as a WayBack link when writing this post.
The Wiert Corner - irregular stream of stuff 
KMorwath said
“Extra steps could be taken to use an AES key that is a combination of a unique machine ID…” Why? Just generate a pure random key (using a good random generator, of course). Derived key can be guessed, when you have the code. Then use the underlying OS features to store the key safely – i.e. CryptProtectData() under Windows, or a Linux keyring. Read the key only when you need it, and then destroy it clearing the memory.
jpluimers said
You are totally right. Building secure systems is, well, hard (:
I tried posting your comment with attribution on the TMS blog post, but no: [Archive.is] “@TMSsoftwareNews when entering a perfectly valid email address like word.word+tag.subtag@gmail.com: Please enter a valid Email Address.”
Jan Doggen said
For the second link, Google+ says: “This post could not be found.
This URL may be incorrect, the post may have been deleted, or the post may not have been shared with this account “
jpluimers said
Thanks for noticing that. It is exactly why I archive so many links with [WayBack] or [Archive.is] tags: too many links suddenly disappearing.