Hi, i'm making a batch file where the user enters a password. Instead of the password intergrated inside the batch file, I need it to be saved on a seperate file, like pwd.txt. How would you make the batch file read it and see if it has the same text as the user has inputted?

First create pwd.txt and give it the Hidden and ReadOnly attributes for safety reasons. echo.MyPassword>pwd.txt attrib pwd.txt +R +H Then to read the stealth password and compare with the one typed set /P PWD=<pwd.txt set /P USER=Enter Password^> if "%USER%"=="%PWD%" (goto :OK) else (goto :ERROR) That however allows the password to be stolen while the user is typing it on the screen.

Security through obscurity is no security all. Passwords used in batch files, even if they are stored in a hidden text file, is IMO completely worthless. My 10 year old nephew knows how to access a "hidden" text file to get the password that is stored in it. If you really need to use password authentication, then use a language that doesn't store the password in a plain text file and you should store them encrypted.

i'm facing the same problem here. what's the better way to store plain password? i'm thinking of storing it in registry, but dont have a clue to do it. at least it stop the average computer user to look at my data.

Putting the passwords in the registry is 1 step above a plain text file, but still not very secure. Here's an example on using regedit in a batch file, but I'm sure IVO can come up with a better example. http://www.robvanderwoude.com/reged... A better option would be to store encrypted passwords in a database, such as mysql, and use a scripting language like Perl or Python, or one of the VB variants.