Using a USB for User identification

Started by Mike King, October 23, 2019, 03:01:37 PM

Previous topic - Next topic

Mike King

Have you ever wanted a way to identify different users on the same Windows workstation without them having to enter who they are and their password? While there are many ways to do this, one simple technique is to use a USB to identify the user.  When the user walks up to the workstation all they need to do is plug in their USB and presto, your application knows who is on the system.

Obviously you could easily just put a file with the users identification on the USB and read it, but that's not very secure.  Ideally you want to encrypt the file and somehow tie it to the specific USB drive to prevent users from simply copying the file.

Well in the text file attached to this posting is a simple program you can use to encrypt and store a user name on a file on the USB and make sure it is tied to a specific USB so that most users can't just copy it.  The program has two entry points:

Create_user, which creates the file on the USB and takes 3 parameters:

  • CALL "dongle;Create_user", User_name$, Passkey$, Filename$

  • User_name$ which is used to identify the user
  • Passkey$ which is a string of data used to encrypt the user name
  • FileName$ which is the pathname to a file to create on the USB

CALL "dongle;Create_user", "John Smith", "Mary had a little goat", "D:\Passkey"

Get_user, which takes the same three parameters but returns the user name.  If the file is corrupted or been copied to another device this call will fail with an error 11 and return a blank user name.  An error 12 is generated if the file is not present.

So simply take a USB, format it and call the Create_user entry point giving it the user name to create the key then add logic in your system to issue a call to Get_user to confirm that a valid USB has been inserted and what the user name is.

This provides an easy way to identify who is using your system from a Windows workstation using a low cost USB device.

BTW: You can also put other stuff on the same USB if desired.

NOTE: There are tools out there that can physically replicate any USB so this technique is not 100% foolproof but will provide good security that most users won't easily be able to get around.
Mike King
President - BBSysco Consulting