Hii There,
I created a small project/script for my own personal use which consist of getting all my online passwords from a database.
Before anyone can access that information It must answer 3 question from a table in the same database which contains 12 question and
each correspoding answers. each question from the database so if you hit F5 on a page you get new ramdon Question
each answer answered by the the user(me) are stored in Session and ecrypted using md5 and the question must be all different you can not have the same question twice
at the end on the get.php file all answers are compared to the real answer from the database.
if they match then boom show my secrets.
a lil bit of background information
all my online password i use KEEPASS to regerate a ramdon password and keep the password there.
therefore i dont know the password the password can be something like
85LuM1K1gh7zT1nLXFK9XHbhnpPrWiNiEfOoVGtUUWcYw8dKewTPaAtEf3Fz_COgrUj7qfRZp0QnP0AFlfpjuA
So my question is well not actually a question i just want you guys to look at my code and give me advise/recommend on how i can improve the security
I posted the code on pastepin so i dont make the thread too long.
q1.php
http://pastebin.com/CSjhbyN6
q2.php
http://pastebin.com/rJu91Hz2
q3.php
http://pastebin.com/eCZ4UACx
get.php
http://pastebin.com/quJVKTnN
getQuestionAnswer.php
http://pastebin.com/zqAdYJNK
if you wanna see my tables structure here is the SQL statement to create them
http://pastebin.com/Ld7HMHEV
to get all the files togther just click the download hyper link at the top left of the codes.
Thanks,
Wilson B