AHK Hotkeys, passwords and security with .ini file

I use Github to store some of my code. I also make a lot of it public to share.

I suddenly realised that I was copying my hotkey script across to github and that script contained some of my general passwords that I used for some of the general web stuff I visit. OOPS!!!!

So I wondered how to solve that problem and looked to make some different files that I could locate elsewhere (not in the directory that I synced with Github) so that the information was not available in that directory.

I looked on the AHK forum and there were a few methods of doing that and tried a few out, but in the end looked at the .ini file structure that has key pairs.

So there were a few hotkeys that I’d assigned , say to a file C:\Users\drake\Documents\MyHotkeys\MyHotkeys.ahk

^!d:: ;ctrl+alt+d 
  { SendInput max@pir2.tk 
^!a:: ;ctrl+alt+a   
  {SendInput %ctrlAltA%
^!f:: ;ctrl+alt+f 
  { SendInput %ctrlAltF%

But instead of sending an email address or password, send a variable instead, like ctrl+alt+a or ctrl+alt+f keys which are calling variables %ctrlAltA% or %ctrlAltF%

This means that, if you get this file, you do not know what is being sent when you hit the hotkey as its using a method where you are reading the variables from an .ini file


And we call that .ini file, which we have located somewhere else on our system, in the case below , in C:\users\FlameHead\MyFiles directory which is away from where we have our folder with the hotkeys.

We then IniRead a variable, in this example , a key pair variable in the .ini file under a section called [Data]. The section header is just a part of the .ini file structure, so you can have multiple sections with key value pairs, where the variable is the KEY and it is assigned some string, in this case an email address or maybe a password.

HotkeyIni= C:\users\FlameHead\MyFiles\MyHotkeyIni.ini

IniRead, ctrlAltA, %HotkeyIni%, Data, ctrlAltA
IniRead, ctrlAltF, %HotkeyIni%, Data, ctrlAltF

So if you give someone your file C:\Users\drake\Documents\MyHotkeys\MyHotkeys.ahk it won’t work for the keys that you have assigned with variables from the .ini file.

From the MyHotkeys.ahk file they will know that there is another file its calling, but unless they can get onto your PC and copy that file they cannot access what those variables are.

An extension using a hash key algorithm of some sort to pass hashes through a decoder

The next step would be to try and encrypt the ini file key variable string and then use a decryption script with a key to be able to make the string usable.

This may be useful.

End comment

Further steps to explore with encryption.

I did have issuers with AHK Command Picker as that would not do IniRead in the Hotkey file, I had to do that in the Command.ahk file, so I had to read .ini file in the command.ahk file andf use the variables in the hotkey.ahk file. All working now. I did try adding the script to the end of the email&date.ahk file but in the end I got it to work in the AHK Command Picker scripts.