Search Results

Search found 9715 results on 389 pages for 'bad passwords'.

Page 115/389 | < Previous Page | 111 112 113 114 115 116 117 118 119 120 121 122 | Next Page >

RemoteApps and Cached Credentials

- by user66774

I'm looking for a guidance on an issue we're having. We are hosting an application over terminal services through RDWeb on Windows 2008 Server. To give users the ability to change their password we've exposed the iisadmpwd to allow the users to change their passwords. When the users change their password, they are prompted to log into broker server, even if they log off of the RDWeb page and log back in. What we've found is that the credentials seem to be cached in memory after logging in. Ending task on TSWBPRXY.EXE, WKSPRT.EXE, closing IE and logging back into the RDWEb page, then launching the application allows the user to log into the application without additional credentials. I'm wondering if there is a better way to either have the user change their password from a web interface, but allow them to reestablish their connection from the RDWeb login page rather than through the RDP login prompt that comes up.

Read the article
Samba + Centos (Share not working)

- by mplacona

I've done this a few times already, but for some reason this time it's not working. I have a folder called ruby (root:root - 0777) on /home/placona I'm trying to see this folder from my WindowsXP box, but keep getting permission denied. I can see the global share though, but whenever I try clicking on the ruby share, it won't let me in. Here's my smb.conf settings: [global] log file = /var/log/samba/samba.%m guest account = nobody netbios name = DEVBOX server string = DEVBOX CENTOS workgroup = WORKGROUP encrypt passwords = yes security = share max log size = 50 [ruby] path = /home/placona/ruby I want to be able to open this folder without using password (hence the guest account = nobody). I tried even with password, but never seems to work. Can anyone spot anything wrong with my settings?

Read the article
Browser considering www domain and without www domain different

- by user1444680

I've bought a domain name and hosted it. My browser is storing separate passwords for mydomain.com and www.mydomain.com, and also caching them separately. I want these two to be considered the same website. The zone records of mydomain.com are: "A" record: "@" points to the IP address of my hosting CNAME: www points to "@" As CNAME signifies alias, shouldn't browser understand (like search engines do) that the two URLs refer to the same website? Is it browser's fault? Please tell how to correct the problem? Do I need to enter some other record for www instead of CNAME?

Read the article
is there a way to prevent network manager from storing the password for a wireless network

- by tolomea

Our corporate wireless network uses continuously changing passwords with RSA tokens. So every time we need to connect to the wireless we need to enter a new password off the RSA token. For extra fun using the wrong password a couple of times in a row causes the users account to be locked. Network manager automatically stores and reuses the password, with the net result that it is constant getting my account locked. Is there some way to prevent it from storing my password for that network? Or perhaps someway to get the gnome keyring to not store it?

Read the article
Is disabling password login for SSH the same as deleting the password for all users?

- by Arsham Skrenes

I have a cloud server with only a root user. I SSH to it using RSA keys only. To make it more secure, I wanted to disable the password feature. I know that this can be done by editing the /etc/ssh/sshd_config file and changing PermitRootLogin yes to PermitRootLogin without-password. I was wondering if simply deleting the root password via passwd -d root would be the equivalent (assuming I do not create more users or new users have their passwords deleted too). Are there any security issues with one approach verses the other?

Read the article
Broken screen on laptop?

- by John

I recently damaged the screen on my HP Notebook...now my main concern is that I have Roboform installed and on my taskbar. The trouble is, because the screen is totaled, I can't see anything, and I discovered, to my horror, that I haven't backed any of the IDs and passwords up to a text document. Of course, I cannot access any of my content that hosts an ID name and password at all unless I can access Roboform that is installed on the notebook! Now hopefully I have ordered a SATA/USB cable to access the hard drive that I now removed form the notebook will I be able to access roboform that way and ALL the log-in details?

Read the article
Git push on localhost with htaccess

- by Rooneyl

I am looking into setting up a remote git repo. To start with I have created it on my Windows machine using xampp following this guide. All works fine except when I try to add some security, as per step 6 of the guide (for when I migrate it to my main web server). I have added passwords by using passwd and adding htaccess to the htdocs folder. This works fine (I have checked in my web browser), but when I try and push I get prompted for my password the it fails with a error (code 22). $ git push origin master Password for 'http://git@localhost': error: Cannot access URL http://git@localhost/s.git/, return code 22 fatal: git-http-push failed Any ideas?

Read the article
Samba groups not working

- by Josh

I am trying to get samba working with groups. I am using CentOS. #sswords = yes lanman auth = no null passwords = no hosts allow = 129.130.155. netbios name = a server server string = base PHP server [team$] path= /var/www writable = yes valid users = @team force group = @team I have created a few users in linux, and added them to a group called team using groupadd -a -g username. I the attempted to login and got a NT_STATUS_NO_SUCH_GROUP. If I comment out the two last lines in the config it works, but I wish to have group ownership and prefer just to be able to add users to a group in Linux and for it to work with the samba.

Read the article
What is the `shadow` group used for?

- by Shtééf

On my Ubuntu 9.10 system, there's a shadow system group. There does not appear to be any user assigned to this group at all. The only files that I can find belonging to this group are /etc/shadow and /etc/gshadow. I'm aware that the purpose of these files is to store the passwords separately, out of reach from regular users who still might want to access passwd for other reasons. But what is the purpose of the shadow group? The reason I'm curious about this, is because I'm thinking about configuring nsswitch.conf to store it elsewhere, and would like to know if anything is actually trying to access the shadow database using shadow group credentials.

Read the article
What is the easiest way to copy Chrome's login/passses into KeePass without creating duplicates?

- by ldigas

Okey, here's the thing. I have most of my login info in two places; one is in Keepass file and the other is in Chrome. Being a lazy sort of person, and since Chrome/Keepass integration never really started to work the way it should, a couple times a year I use the Nirsoft tool to get the Chrome login/passwords into a textual .csv file and then import it in Keepass. Creating lots of duplicates in the process which I then clean and so on. In the meantime, all the new logins I accumulate just stay in Chrome. As you might notice, this is not really the best way to do it. Is there a faster way to do this; copy logins from Chrome to Keepass without creating duplicates in Keepass, or has anyone perhaps found a way to get Keepass to work with Chrome under Win XP SP3? Keepass 1.0 or 2.0, doesn't make the difference as long as it works.

Read the article
Unauthorized computer use via keyboard or remote access?

- by brydaverambo

I’m suspecting my computer is being used when I’m not at home. This is happening either physically or remotely. My wireless switch is off. Is there any way possible to detect and/or monitor activity without purchasing software? My settings are being changed as well as passwords (Bios PW was changed and I cannot access Bios settings). I connect via the network cable. Is it possible for someone (in range) to connect to my laptop even if the wireless switch is off? This is a Dell Inspiron 1720 with the WLAN 1395 card. Here’s the kicker. When I try to download freeware for monitoring activity, I am not allowed to do this! ????

Read the article
svnserve, Mac OS X Lion Server and user accounts

- by Casper

I am trying to use the "built-in" user accounts of my Mac OS X Lion server to grant access to repositories. Currently I am using the conf/passwd file (which works), but I don't like the fact that the passwords are visible as plain text. Is there a way to "connect" the svnserve access restriction to the normal user accounts that are already on the system? Thanks PS: I am not wanting to connect via Apache/WebDav - there I know it works. I want to connect via svn:// using the existing user accounts.

Read the article
Help remembering name of boot CD (maybe it wasn't a live CD)

- by daneee

I am struggling to remember the name of a boot CD I have since lost the disc for. It was great for cloning discs, and resetting passwords. It's NOT the UBCD4Win, and it defos wasn't Knoppix. I have checked the LiveCD list and can't seem to find it there by doing a 'sort by'. I seem to remember it was called something like GS Tools but that might be more or less completely wrong. It had an unusual but memorable name. Makes me wonder how I came across it in the first place!

Read the article
Chef: Load Attributes from encrypted databag in json role

- by jcvj

I'm want to use the postfix cookbook for chef. The sasl password is expected to be in an attribute. So usually you would do this: "default_attributes": { "postfix": { "sasl": { "smtp_sasl_passwd": "somepassword" } } } The thing is: I don't want to have the password in the repository in plain text. So I put it in an encrypted data bag. Now I want to access it. This can be done with this: Chef::EncryptedDataBagItem.load("passwords", "postfix")['password'] The problem: This only works in a .rb file, but my role is in json; all my roles are in json! I don't want to change that just for this purpose. Does anybody have an idea what to do here? Help is very appreciated.

Read the article
Is it necessary to change the default users and groups in VMware esxi 4.0 in order to have a secure

- by Teevus

By default esxi creates a number of users and groups including: daemon nfsnobody root nobody vimuser dcui How secure is this default security setup? Besides changing the root password, is it advisable to modify the default users and groups? E.g. does esxi use default passwords for the accounts or anything else that could be exploited by malicious users? My scenario is very basic and I don't require any custom users or groups as only sysadmins will ever need to administer the virtual infrastructure, and they can do so using the root account. Thanks

Read the article
Can I store multiple private keys in one Putty PPK file?

- by RedGrittyBrick

I have multiple accounts on a server, say for example red webadmin testuser At the moment I have private keys for these in separate PPK files. I have shortcuts to these on the desktop - so clicking the desktop icon launches Pageant and prompts for a password. After doing this for each PPK file, I can log in and out of the server(s) multiple times during the day using various user-ids without entering passwords. So far so good. Could I streamline this further by somehow combining all these PPK files into a single PPK file? If so how?

Read the article
How to deploy Windows-8 Enterprise Apps to other users?

- by TToni

Windows-8 (Metro) Apps can be installed using "sideloading", bypassing the Windows store in enterprise environments. In principle this is easy: Once you enabled sideloading (which is automatically done when a Win8-machine joins a domain), you can install a signed appx-Package through PowerShell with the "Add-AppxPackage" command. But there is a catch: The App is only installed for the user who executes the command and there is no "-Credentials" parameter! I can probably solve that problem in my specific scenario, where I deploy a self-developed app through TFS build to a virtual machine with a fixed demo user (by using remote powershell in combination with "Add-Job", which does take a credential parameter and because I know the given username and the password). But that is not true in an enterprise environment, where I want to distribute my App to thousands of users. Cracking all their passwords seems a bit over the top, so what would be the "correct" way to do this? I can't find any useful information from Microsoft about this, but maybe one of you already ran into this problem and solved it?

Read the article
How to switch users without entering password, part II

- by torbengb

I've got Ubuntu 9.10 with a user account for my wife, and one for myself. "Wake-from-screensaver" should result in "choose user" without having to enter any password. I know how to do that in Windows, but I'm not good with Linux (yet). Part of this was answered in this question which helped me get past the login screen without passwords (after booting, and after choosing "switch user"), but once the screensaver kicks in and I wake it up again, the system does not present the "choose user" screen. Instead, it either turns off the screensaver and presents the desktop of the most recent user, or (if the screensaver is set to lock the screen) prompt for the user's password (which can be handily surpassed by clicking the "switch user" button and choosing the same user again). So, the login ("choose user") screen has been dealt with. How do I make the (any) screensaver return to the login screen at wake, rather than to the current user's desktop? Windows can do this, I'm sure Linux can too - but how?

Read the article
User account restriction error and unable to access share

- by user44394

I have a windows share with full control granted to individual domain user accounts on the share and security permission. Whenever the user attempts to browse to the share they receive the error: Logon failure user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced. If the users are added to the administrators group on this machine they are able to browse the share without issue. What do I need to change to allow them access to the share without being administrators on that machine?

Read the article
Registry settings for disabling autocomplete options in IE8

- by redphoenix

I have a script that disables all the autocomplete settings in IE6 and IE7 but with IE8 there are new settings that aren't disabled by the script. The settings are under Tools-Content-AutoComplete-Settings The current registry keys I'm modifying are HKCU\Software\Microsoft\Internet Explorer\Main\FormSuggest Passwords "no" HKCU\Software\Microsoft\Internet Explorer\Main\FormSuggest PW Ask "no" HKCU\Software\Microsoft\Internet Explorer\Main\Use FormSuggest "no" HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete\AutoSuggest "no" The settings that are not unchecked by these keys are Browsing History and Favorites. Does anyone know the registry settings that are associated with these IE settings?

Read the article
Windows XP Log In: Can't do it. Logon Message popup.

- by kojobino

A friend recommended this site to me. Hope you can help! I can't seem to log into Windows. I boot my computer. The log In screen appears. I put in my user name and password, hit OK, and the following message pops up: "The system could not log you on. Make sure your user name and domain name are correct, then type your password again. Letters in your passwords must be typed using the correct case". NOTE: I have tried Safe Mode and the same message pops up. Just to be clear, I am not able to get into Windows (I'm stressing this b/c I've come across some suggestions that require you to be in Windows, which doesn't help in my case). Thanks for your assistance. -Stranded in Toronto

Read the article
Is it possible to open several web pages when browser is started?

- by gotqn

I am searching for browser option or plugin (it will be best if it is available in Web Kit browsers,Opera or Firefox - not IE) that allows me to open several web pages when it is initially started. For example, let's say that I have some file with settings in which I have pointed the following websites: Google + gmail StackOverflow.com SuperUser.com dba.stackexchange.com linkedin etc... and when I firstly started the Chrome browser, all this sites will be opened in new tabs and because the browser has saved my passwords I will be logged in. I will find this very helpful because: It will saves me time I will not miss anything when I turn off my computer (for example to forget to check my mail)

Read the article
Mysql loses its root password

- by RubyDev

I am having a strange problem, my mysql loses/resets the root password automatically. By which I mean that it resets it to none. It has happened twice this month. I am worried that it can be a security issue as data is open waiting only for someone trying no password! Here is the version: mysql --version mysql Ver 14.14 Distrib 5.1.56, for redhat-linux-gnu (i386) using readline 5.1 Any help would be appreciated. Update: Output of select user, host, password from mysql.user; how it looks after the password got reset | root | localhost | | root | 127.0.0.1 | | | localhost | | | admin | localhost | ################################# | (I have removed the actual output with #) So all the passwords are blank, except for for another user named 'admin'

Read the article
How can I prevent Apache from exposing a user's password?

- by Marius Marais

When using basic authentication (specifically via LDAP, but htpasswd also) with Apache, it makes the REMOTE_USER variable available to the PHP / Ruby / Python code underneath -- this is very useful for offloading authentication to the webserver. In our office environment we have lots of internal applications working like this over SSL, all quite secure. BUT: Apache exposes the PHP_AUTH_USER (=REMOTE_USER) and PHP_AUTH_PW variables to any application inside PHP. (PHP_AUTH_PW contains the plaintext password the user entered.) This means it's possible for the app to harvest usernames and passwords. Presumably the same information is available to Python and Ruby (all three are currently in use; PHP is being phased out). So how can I prevent Apache from doing this? One idea is to use Kerberos Negotiate authentication (which does not expose the password and has the benefit of being SSO), but that automatically falls back to Basic for some browsers (Chrome and in some cases Firefox), causing the password to be exposed again.

Read the article
Debian/Linux backup files changed by user

- by verhogen

I would like to backup my server that is hosting a few websites in such a way that I can restore everything to the way it was from a fresh format. I know that I should backup all the home folders and then probably my /etc/ folders. Is there a way to figure out all the folders that are relevant for backup in that they were not automatically generated or installed from apt-get? It would ideally restore all the users with their current passwords as well. Basically, enough to clone the system but only copying configuration files.

Read the article

< Previous Page | 111 112 113 114 115 116 117 118 119 120 121 122 | Next Page >