Date dependent password

otrotabi · ‎2022-09-29

I am trying to develop a date dependent password algorithm.

The use case is something like: 1. Generate password for a specific date and length of time. 2. Send to user (email, phone, etc). 3. User enters the password and changes a level 2 parameter. 4. Level 2 access is enabled for a certain time.

Output should be UINT, ideally less than 9999 so that is easy to input into the TM171 line, as well as the TM172 line which would accept bigger numbers more easily.

I have come up with a simple solution but maybe there´s something more developed available.

otrotabi · ‎2022-09-30

So, I came up with this. Not quite sophisticated but I think it works and it is better than handling the user a permanent password:

This first program is executed at boot time and it writes an EEPROM value as a default password:

(*************************************************************
Write default level 2 password
If TM171 line is used, PrjCfg_usiDefaultPassword variable
accesibility should be set to Level2

MRQ_Password is an EEPROM variable used as password 
for TM172. If TM172 is being used, in order to access 
password restricted variables in HMI this can be used

1) Define a new global variable named PasswordLevel as USINT

2) In Display/Resources/Expressions define a new expression
with Expression ID (i.e.) PassLevel2 = PasswordLevel = 2

3)Variable or buttom "Visible" property is set to Expr:PassLevel2

***************************************************************)

bret := isSmart412(bret); //TM171 returns TRUE

IF bret THEN 
	bret := SmartSetPsw(28,PrjCfg_usiDefaultPassword);
ELSE
	bret := sysWriteParUSINT(MRQ_PASSWORD,PrjCfg_usiDefaultPassword);
END_IF;

While this is somewhere either in timed or background tasks

//Set level 2 password
//Do not set PrjCtrl_xSet TO TRUE in simulation
IF PrjCfg_xSetPassword THEN
	retbool := isSmart412(bret); //TM171 returns TRUE
	IF  retbool THEN
		bret := SmartSetPsw(28,(sysclock.daymonth + sysclock.dayweek * 3 + sysclock.hours * 4 + sysclock.year));
	ELSE	
		bret := sysWriteParUSINT(MRQ_PASSWORD,(sysclock.daymonth + sysclock.dayweek * 3 + sysclock.hours * 4 + sysclock.year));
	END_IF;		
	PrjCfg_xSetPassword := FALSE;
END_IF;

(*****************************************************************************************************************
If user enters a password, then a timer starts.
If no key is entered for a fixed time, it automatically sets PW Level = 0
*****************************************************************************************************************)

IF sysPwLevel = 0 THEN
	RETURN;
END_IF;	
	
Timer_Password(PT := TO_UDINT(PrjCfg_usiPasswordTime) * 1000, IN := TRUE);

FOR I1 := 0 TO 3 DO
	IF sysLocalKeys[I1] = TRUE THEN
		Timer_Password(IN := FALSE);
		Timer_Password(IN := TRUE);
	END_IF;
END_FOR;
	
IF Timer_Password.Q = TRUE THEN
	Timer_Password(IN := FALSE);
	sysPWLevel := 0;
END_IF;

Password generation algorithm should generate a number between 0 and 255.

The user should be asked for the time and the corresponding password would be supplied either by phone or email.

Of course it would not take too much time to test all numbers from 0 to 255 but then the user should know which parameter he should be modifying and it´s meaning.