Search Results

Search found 40429 results on 1618 pages for 'change password'.

Page 14/1618 | < Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >

  • Store password temporarily in memory

    - by Nils
    Hello, I'm looking for a way in an Android application to store a password within the memory as long as the application is running (cf. different activities). I was first thinking about the SharedPreferences, but then it's saved in the flash memory, which isn't that good for a password, I guess. I'm unsure, what's the best way. What would you recommend me?

    Read the article

  • SIMPLEST way to set up password protection for a static site, with basic admin UI?

    - by Joseph Turian
    I have a static site. I would like the simplest approach to password protecting a directory, with a basic admin UI for adding/removing users. I will have so few users that I don't care about performance. I don't care if it's PHP or Django or whatever, I just want a complete software package. Apache basic auth isn't good, because you can't log out. Nor is there a UI for adding users. I tried throwing everything behind Django auth and serving the files through Django. However, Chrome treats all my text/css headers as text/plain, so I don't get any stylesheets showing. I can't use mod_xsendfile on my server because I can't reconfigure Apache to add new modules. I think this approach is overkill anyway. I can try configuring Nginx's X-Accel-Redirect, however that requires implementing all the Django code for auth myself, and I'd prefer an existing solution. However, this is my backup plan. Is there a code package that implements authentication with basic admin for a static site?

    Read the article

  • convert password encryption from java to php

    - by Obay
    I'm trying to create a PHP version of an existing JSP program, however I'm stuck at the password encryption part. Could you please tell me how to convert this one? I know it tries to get the md5() but after that, I don't get it. I get lost in the Stringbuffer and for() parts. Can you help me out? public static String encryptPassword( String password ) { String encrypted = ""; try { MessageDigest digest = MessageDigest.getInstance( "MD5" ); byte[] passwordBytes = password.getBytes( ); digest.reset( ); digest.update( passwordBytes ); byte[] message = digest.digest( ); StringBuffer hexString = new StringBuffer(); for ( int i=0; i < message.length; i++) { hexString.append( Integer.toHexString( 0xFF & message[ i ] ) ); } encrypted = hexString.toString(); } catch( Exception e ) { } return encrypted; }

    Read the article

  • Cookies not working for password-protected Pages on WordPress

    - by KaOSoFt
    Initially I had the issue reported in this question. Now, what I noticed is that there are some browsers that accept the password, and there are some which don't. Difference? For some reason the cookie is generated when I log in into the Administration module, but it isn't when I write down the password to access the page, forcing it to simply reload. I can see the cookie created for the log-in, but I can see none for the password-protected Page. These happens on Internet Explorer, both version 7 and 8; only on some machines, though, but most of them fail this. I already tried white-listing the URL, and even letting it accept ALL cookies, to no avail. What may be the cause? If perhaps it's got something to do with question above, please help me! Thanks in advance. PS: If you know of another, cookie-free method to make a simple authentication, please link me to it. Thanks. Oh, and by the way, this is inside an Intranet with static, class C IPs.

    Read the article

  • making a password-only auth with bcrypt and mongoose

    - by user3081123
    I want to create service that let you login only with password. You type a password and if this password exists - you are logged in and if it's not - username is generated and password is encrypted. I'm having some misunderstandings and hope someone would help me to show where I'm mistaken. I guess, it would look somewhat like this in agularjs First we receive a password in login controller. $scope.signup = function() { var user = { password: $scope.password, }; $http.post('/auth/signup', user); }; Send it via http.post and get in in our node server file. We are provided with a compare password bcrypt function userSchema.methods.comparePassword = function(candidatePassword, cb) { bcrypt.compare(candidatePassword, this.password, function(err, isMatch) { if (err) return cb(err); cb(null, isMatch); }); }; So right now we are creating function to catch our http request app.post('/auth/signup', function(req, res, next) { Inside we use a compair password function to realize if such password exists or not yet. So we have to encrypt a password with bcrypt to make a comparison First we hash it same way as in .pre var encPass; bcrypt.genSalt(10, function(err, salt) { if (err) return next(err); bcrypt.hash(req.body.password, salt, function(err, hash) { if (err) return next(err); encPass=hash; )}; )}; We have encrypted password stored in encPass so now we follow to finding a user in database with this password User.findOne({ password: encPass }, function(err, user) { if (user) { //user exists, it means we should pass an ID of this user to a controller to display it in a view. I don't know how. res.send({user.name}) //like this? How should controller receive this? With $http.post? } else { and now if user doesn't exist - we should create it with user ID generated by my function var nUser = new User({ name: generId(), password: req.body.password }); nUser.save(function(err) { if (err) return next(err); )}; )}; )}; Am I doing anything right? I'm pretty new to js and angular. If so - how do I throw a username back at controller? If someone is interested - this service exists for 100+ symbol passphrases so possibility of entering same passphrase as someone else is miserable. And yeah, If someone logged in under 123 password - the other guy will log in as same user if he entered 123 password, but hey, you are warned to make a big passphrase. So I'm confident about the idea and I only need a help with understanding and realization.

    Read the article

  • Can't save DB password in BDE Admin v5.01 (c. 1998)

    - by Ryan Armstrong
    I have a legacy version of Goldmine running which uses BDE to connect to an SQL2005 server. I'm moving the goldmine application and its database onto a new server and all is fine with the exception of the master DB password. When Goldmine starts it prompts for the password. I enter the password and all is fine but I want the prompt to go away. The password appears to be saved and obfuscated somewhere on the old server but this was configured before my time. As best I can determine, I use the bdeadmin.exe tool to modify the idapi32.cfg file but there is no password option.

    Read the article

  • is it okay to use random URLs instead of passwords?

    - by stew
    Is it considered "safe" to use URL constructed from random characters like this? http://example.com/EU3uc654/Photos I'd like to put some files/picture galleries on a webserver that are only to be accessed by a small group of users. My main concern is that the files should not get picked up by search-engines or curious power-users that poke around my site. I've set up an .htaccess file, just to notice that clicking on http://user:pass@url/ links doesn't work well with some browsers/email clients, prompting dialogs and warnings messages that confuse my not-too-computer-savy users.

    Read the article

  • Have Windows Automatically Login Without Entering Your Password

    - by deadlydog
    If you are like me and don't want to have to enter your password each time Windows loads, you can have Windows start up without prompting you to enter a user name or password.  The simple (and BAD) way to do this is to simply not have a password on your user account, but that’s a big security risk and will allow people to easily remote desktop into your computer. So, first set a password on your windows account if you don’t already have one.  Then select Run... from the start menu (or use Windows Key + R to open the Run window) and type control userpasswords2, which will open the user accounts application.   On the Users tab, clear the box for Users must enter a user name and password to use this computer, and click on OK. An Automatically Log On dialog box will appear; enter the user name and password for the account you want to use to automatically log into Windows.  That's it.    You may also want to make sure your screen saver is not set to prompt you for a password when it exits either. Now your computer is secure without getting in your way.

    Read the article

  • Postfix: change sender in queued messages

    - by ring0
    Following a complete re-installation we got a problem with the configuration: the sender address was wrong and some recipients (mail servers) rejected them. So there is a bunch of mails stuck in the Postfix queue. Ideally, a change of the sender address directly in the queued mails, and then flushing the queue would be optimal. I tried this answer that addresses this very problem. But messages don't seem to be easily modifiable in the version I have (2.11.0). For instance there is no /var/spool/mqueue dir, but, instead, /var/spool/postfix/... active bounce corrupt defer deferred dev etc flush hold incoming lib maildrop pid private public saved trace usr and the dir of interest is deferred. I tried to modify a few files there changing the wrong domain with the correct one (and was careful to ensure only those were changed). But then, those mails were moved to corrupt, meaning that a simple text change doesn't seem to work (done with vi). Any other cleaner way to change the sender in queued mails?

    Read the article

  • help with making a password checker in java

    - by Cheesegraterr
    Hello, I am trying to make a program in Java that checks for three specific inputs. It has to be 1. At least 7 characters. 2. Contain both upper and lower case alphabetic characters. 3. Contain at least 1 digit. So far I have been able to make it check if there is 7 characters, but I am having trouble with the last two. What should I put in my loop as an if statement to check for digits and make it upper and lower case. Any help would be greatly appreciated. Here is what I have so far. import java.awt.*; import java.io.*; import java.util.StringTokenizer; public class passCheck { private static String getStrSys () { String myInput = null; //Store the String that is read in from the command line BufferedReader mySystem; //Buffer to store the input mySystem = new BufferedReader (new InputStreamReader (System.in)); //creates a connection to system input try { myInput = mySystem.readLine (); //reads in data from the console myInput = myInput.trim (); } catch (IOException e) //check { System.out.println ("IOException: " + e); return ""; } return myInput; //return the integer to the main program } //**************************************** //main instructions go here //**************************************** static public void main (String[] args) { String pass; //the words the user inputs String temp = ""; //holds temp info int stringLength; //length of string boolean goodPass = false; System.out.print ("Please enter a password: "); //ask for words pass = getStrSys (); //get words from system temp = pass.toLowerCase (); stringLength = pass.length (); //find length of eveyrthing while (goodPass == false) { if (stringLength < 7) { System.out.println ("Your password must consist of at least 7 characters"); System.out.print ("Please enter a password: "); //ask for words pass = getStrSys (); stringLength = pass.length (); goodPass = false; } else if (something to check for digits) { } }

    Read the article

  • Updating a database connection password using a script

    - by Tim Dexter
    An interesting customer requirement that I thought was worthy of sharing today. Thanks to James for the requirement and Bryan for the proposed solution and me for testing the solution and proving it works :0) A customers implementation of Sarbanes Oxley requires them to change all database account passwords every 90 days. This is scripted leveraging shell scripts today for most of their environments. But how can they manage the BI Publisher connections? Now, the customer is running 11g and therefore using weblogic on the middle tier, which is the first clue to Bryans proposed solution. To paraphrase and embellish Bryan's solution a little; why not use a JNDI connection from BIP to the database. Then employ the web logic scripting engine to make updates to the JNDI as needed? BIP is completely uninvolved and with a little 'timing' users will be completely unaware of the password updates i.e. change the password when reports are not being executed. Perfect! James immediately tracked down the WLST script that could be used here, http://middlewaremagic.com/weblogic/?p=4261 (thanks Ravish) Now it was just a case of testing the theory. Some steps: Create the JNDI connection in WLS Create the JNDI connection in BI Publisher pointing to the WLS connection Build new data models using or re-point data sources to use the JNDI connection. Create the WLST script to update the WLS JNDI password as needed. Test! Some details. Creating the JNDI connection in web logic is pretty straightforward. Log into hte console and look for Data Sources under the Services section of the home page and click it Click New >> Generic Datasource Give the connection a name. For the JNDI name, prefix it with 'jdbc/' so I have 'jdbc/localdb' - this name is important you'll need it on the BIP side. Select your db type - this will influence the drivers and information needed on the next page. Being a company man, Im using an Oracle db. Click Next Select the driver of choice, theres lots I know, you can read about them I just chose 'Oracle's Driver (Thin) for Instance connections; Versions 9.0.1 and later' Click Next >> Next Fill out the db name (SID), server, port, username to connect and password >> Next Test the config to ensure you can connect. >> Next Now you need to deploy the connection to your BI server, select it and click Next. You're done with the JNDI config. Creating the JNDI connection on the Publisher side is covered here. Just remember to the connection name you created in WLS e.g. 'jdbc/localdb' Not gonna tell you how to do this, go read the user guide :0) Suffice to say, it works. This requires a little reading around the subject to understand the scripting engine and how to execute scripts. Nicely covered here. However a bit of googlin' and I found an even easier way of running the script. ${ServerHome}/common/bin/wlst.sh updatepwd.py Where updatepwd.py is my script file, it can be in another directory. As part of the wlst.sh script your environment is set up for you so its very simple to execute. The nitty gritty: Need to take Ravish's script above and create a file with a .py extension. Its going to need some modification, as he explains on the web page, to make it work in your environment. I played around with it for a while but kept running into errors. The script as is, tries to loop through all of your connections and modify the user and passwords for each. Not quite what we are looking for. Remember our requirement is to just update the password for a given connection. I also found another issue with the script. WLS 10.x does not allow updates to passwords using clear type ie un-encrypted text while the server is in production mode. Its a bit much to set it back to developer mode bounce it, change the passwords and then bounce and then change back to production and bounce again. After lots of messing about I finally came up with the following: ############################################################################# # # Update password for JNDI connections # ############################################################################# print("*** Trying to Connect.... *****") connect('weblogic','welcome1','t3://localhost:7001') print("*** Connected *****") edit() startEdit() print ("*** Encrypt the password ***") en = encrypt('hr') print "Encrypted pwd: ", en print ("*** Changing pwd for LocalDB ***") dsName = 'LocalDB' print 'Changing Password for DataSource ', dsName cd('/JDBCSystemResources/'+dsName+'/JDBCResource/'+dsName+'/JDBCDriverParams/'+dsName) set('PasswordEncrypted',en) save() activate() Its pretty simple and you can expand on it to loop through the data sources and change each as needed. I have hardcoded the password into the file but you can pass it as a parameter as needed using the properties file method. Im not going to get into the detail of that here but its covered with an example here. Couple of points to note: 1. The change to the password requires a server bounce to get the changes picked up. You can add that to the shell script you will use to call the script above. 2. The script above needs to be run from the MW_HOME\user_projects\domains\bifoundation_domain directory to get the encryption libraries set correctly. My command to run the whole script was: d:\oracle\bi_mw\wlserver_10.3\common\bin\wlst.cmd updatepwd.py - where wlst.cmd is the scripting command line and updatepwd.py was my update password script above. I have not quite spoon fed everything you need to make it a robust script but at least you know you can do it and you can work out the rest I think :0)

    Read the article

  • Shell script not picking up password file...

    - by BigDogsBarking
    Running the below shell script seems to ignore the password file I'm feeding it. I'm continually prompted for it. If I enter it, the rest of the script goes without a hitch, but as I'm running it via cron, I really need to get it to read from the file... Any suggestions? #!/bin/sh p=$(<password.txt) set -- $p pass_phrase=$1 destination="/var/www/d" cd /var/sl/ for FILE in *.pgp; do FILENAME=${FILE%.pgp} gpg --passphrase "$pass_phrase" --output "$destination/$FILENAME" --decrypt "$FILE" rm -f $FILE done

    Read the article

  • .Net SQL Server Connection String - hide password from other developers

    - by Chris Klepeis
    We're migrating one of our sites to ASP.Net. We do not want to use integrated security, which uses the windows account to connect to sql server (not going to get into why, its just out of the question). We created a username and password to connect to SQL Server, and would like to use that username and password, however, we also do not want other developers to see this information (easily read from the web.config).... I know it can be encrypted, but it can just as easily be decrypted by the developers - plus encryption has a performance hit. Is there any solution to this problem?

    Read the article

  • Is hashing of just "username + password" as safe as salted hashing

    - by randomA
    I want to hash "user + password". EDIT: prehashing "user" would be an improvement, so my question is also for hashing "hash(user) + password". If cross-site same user is a problem then the hashing changed to hashing "hash(serviceName + user) + password" From what I read about salted hash, using "user + password" as input to hash function will help us avoid problem with reverse hash table hacking. The same thing can be said about rainbow table. Any reason why this is not as good as salted hashing?

    Read the article

  • Why do password strength requirements exist? [migrated]

    - by Bozho
    Password strength is now everything, and they force you to come up with passwords with digits, special characters, upper-case letters and whatnot. Apart from being a usability nightmare (even I as a developer hate it when a website requires a complex password), what are the actual benefits of having strong passwords (for website authentication)? Here are the prerequisites of a system that handles authentication properly: store passwords using bcrypt (or at least use salt+hash) - hard-to-impossible to find the original password when an attacker gets the database lock subsequent password attempts with a growing cooldown - no brute-force via the site

    Read the article

  • Android: Retrieving Password via registered Email on My Server

    - by Raghavan'G'
    i am working on retrieving password to the user when he submits his mail id that he registered on my server. I need to check whether he entered correct registered id and give him response by sending password to his corresponding mail and set dialog as password sent to your mail or if he entered wrong mail id i have to show mail id not registered... Any Idea? This is my code... package com.soap; import java.util.regex.Matcher; import java.util.regex.Pattern; import org.ksoap2.SoapEnvelope; import org.ksoap2.serialization.PropertyInfo; import org.ksoap2.serialization.SoapObject; import org.ksoap2.serialization.SoapSerializationEnvelope; import org.ksoap2.transport.HttpTransportSE; import android.app.Activity; import android.app.Dialog; import android.app.ProgressDialog; import android.os.Bundle; import android.util.Log; import android.view.View; import android.view.View.OnClickListener; import android.widget.Button; import android.widget.EditText public class Register extends Activity { /** Called when the activity is first created. */ // static Spinner operator = null; private static final String SOAP_ACTION = "......"; private static final String METHOD_NAME = "......"; private static final String NAMESPACE = "......"; private static final String URL = "My site"; private static final String TAG = "HELLO"; Thread t; ProgressDialog dialog; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.forgotpasswordpage); Button signin = (Button) findViewById(R.id.fpwdsubmit); signin.setOnClickListener(new OnClickListener() { public void onClick(View v) { showDialog(0); t = new Thread() { public void run() { register(); } }; t.start(); } }); } @Override protected Dialog onCreateDialog(int id) { switch (id) { case 0: { dialog = new ProgressDialog(this); dialog.setMessage("Please wait while connecting..."); dialog.setIndeterminate(true); dialog.setCancelable(true); return dialog; } } return null; } public void register() { Log.v(TAG, "Trying to Login"); EditText etxt_user = (EditText)findViewById(R.id.fpedtext); String email_id = etxt_user.getText().toString(); SoapObject request = new SoapObject(NAMESPACE, METHOD_NAME); request.addProperty("Email", email_id); Pattern EMAIL_ADDRESS_PATTERN =Pattern.compile( "[a-zA-Z0-9\\+\\.\\_\\%\\-\\+]{1,256}" + "\\@" + "[a-zA-Z0-9][a-zA-Z0-9\\-]{0,64}" + "(" + "\\." + "[a-zA-Z0-9][a-zA-Z0-9\\-]{0,25}" + ")+"); Matcher matcher = EMAIL_ADDRESS_PATTERN.matcher(email_id); if(matcher.matches()){ Log.v(TAG, "Your email id is valid ="+email_id); // System.out.println("Your email id is valid ="+email); } else{ // System.out.println("enter valid email id"); Log.v(TAG, "enter valid email id" ); } SoapSerializationEnvelope soapEnvelope = new SoapSerializationEnvelope(SoapEnvelope.VER11); soapEnvelope.dotNet = true; soapEnvelope.setOutputSoapObject(request); HttpTransportSE aht = new HttpTransportSE(URL); try { aht.setXmlVersionTag("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"); aht.call(SOAP_ACTION, soapEnvelope); SoapObject resultsRequestSOAP = (SoapObject) soapEnvelope.bodyIn; Log.v("TAG", String.valueOf(resultsRequestSOAP)); } catch (Exception e) { e.printStackTrace(); } } }

    Read the article

  • change password code error

    - by ejah85
    I've created a code to change a password. Now it seem contain an error. When I fill in the form to change password, and click save the error message: Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in C:\Program Files\xampp\htdocs\e-Complaint(FYP)\userChangePass.php on line 103 Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in C:\Program Files\xampp\htdocs\e-Complaint(FYP)\userChangePass.php on line 103 I really don’t know what the error message means. Please guys. Help me fix it. Here's is the code: <?php session_start(); ?> <?php # change password.php //set the page title and include the html header. $page_title = 'Change Your Password'; //include('templates/header.inc'); if(isset($_POST['submit'])){//handle the form require_once('connectioncomplaint.php');//connect to the db. //include "connectioncomplaint.php"; //create a function for escaping the data. function escape_data($data){ global $dbc;//need the connection. if(ini_get('magic_quotes_gpc')){ $data=stripslashes($data); } return mysql_real_escape_string($data, $dbc); }//end function $message=NULL;//create the empty new variable. //check for a username if(empty($_POST['userid'])){ $u=FALSE; $message .='<p> You forgot enter your userid!</p>'; }else{ $u=escape_data($_POST['userid']); } //check for existing password if(empty($_POST['password'])){ $p=FALSE; $message .='<p>You forgot to enter your existing password!</p>'; }else{ $p=escape_data($_POST['password']); } //check for a password and match againts the comfirmed password. if(empty($_POST['password1'])) { $np=FALSE; $message .='<p> you forgot to enter your new password!</p>'; }else{ if($_POST['password1'] == $_POST['password2']){ $np=escape_data($_POST['password1']); }else{ $np=FALSE; $message .='<p> your new password did not match the confirmed new password!</p>'; } } if($u && $p && $np){//if everything's ok. $query="SELECT userid FROM access WHERE (userid='$u' AND password=PASSWORD('$p'))"; $result=@mysql_query($query); $num=mysql_num_rows($result); if($num == 1){ $row=mysql_fetch_array($result, MYSQL_NUM); //make the query $query="UPDATE access SET password=PASSWORD('$np') WHERE userid=$row[0]"; $result=@mysql_query($query);//run the query. if(mysql_affected_rows() == 1) {//if it run ok. //send an email,if desired. echo '<p><b>your password has been changed.</b></p>'; include('templates/footer.inc');//include the HTML footer. exit();//quit the script. }else{//if it did not run OK. $message= '<p>Your password could not be change due to a system error.We apolpgize for any inconvenience.</p><p>' .mysql_error() .'</p>'; } }else{ $message= '<p> Your username and password do not match our records.</p>'; } mysql_close();//close the database connection. }else{ $message .='<p>Please try again.</p>'; } }//end oh=f the submit conditional. //print the error message if there is one. if(isset($message)){ echo'<font color="red">' , $message, '</font>'; } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <body> <script language="JavaScript1.2">mmLoadMenus();</script> <table width="604" height="599" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="130" colspan="7"><img src="images/banner(E-Complaint)-.jpg" width="759" height="130" /></td> </tr> <tr> <td width="100" height="30" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="100" bgcolor="#ABD519"></td> <td width="160" bgcolor="#ABD519"> <?php include "header.php"; ?>&nbsp;</td> </tr> <tr> <td colspan="7" bgcolor="#FFFFFF"> <fieldset><legend> Enter your information in the form below:</legend> <p><b>User ID:</b> <input type="text" name="username" size="10" maxlength="20" value="<?php if(isset($_POST['userid'])) echo $_POST['userid']; ?>" /></p> <p><b>Current Password:</b> <input type="password" name="password" size="20" maxlength="20" /></p> <p><b>New Password:</b> <input type="password" name="password1" size="20" maxlength="20" /></p> <p><b>Confirm New Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"> <input type="submit" name="submit" value="Change My Password" /></div> </form><!--End Form--> </td> </tr> </table> </body> </html>

    Read the article

< Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >