At Shawns behest I'll throw my tuppence in...

KiXcrypt is not an absolutely cracker proof mechanism, as at some point in the processing the script file is exposed. It is a very short period, but it is there.

The password problem is solved with KiXcrypt by passing the password as a command line parameter, something like:
code:
kix32.exe logon.kix $Password=secret
The password never appears in the script, only the variable name. If someone did manage to rip the script, they still wouldn't have the password.

Back to the topic...

There are a couple of solutions I can think of, depending on what you want to do. File timestamps are easily faked - a copy of touch.exe ported from Unix will do the job nicely.

You could write the entire command that needs the password into the object, then you would never need to expose it back to the script. Something like:
code:
$Crypto=CreateObject("KixFunctions.Crypto")
$Crypto.Password="lshdf872lads"
$ret=$Crypto.Use("S:","\\SERVER\SHARE","Administrator")
If you need the password in the script, the securest method of ensuring it isn't hijacked is to use the MD5 hash of the script to peturb or salt the algorithm used to encrypt/decrypt the password. Of course the decryption routine will need to be able to securely identify the script that it is called from to be able to read it and generate the hash.

The encrypt/decrypt routine will ignore line 1 when generating the hash, as that is where you'll set the password.

One other thing to say of course is that if you use the password to execute another program (su.exe for example) you are asking for trouble unless you take precautions.

A cracker will simply replace the su.exe with a trojan which records command line parameters and environment variables then calls the real su.exe. Chuck in a copy of postie or blat to send the info to a Hotmail account and some code to copy itself to administrative shares on other machines in the domain. This can run silently capturing passwords for as long as he wants, and if he's lucky will spread itself through your entire company without being detected.