Search Results

Search found 5685 results on 228 pages for 'encrypted partition'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 164/228 | < Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >

  • Ruby fixtures error with password column

    - by user347998
    I am trying to load a fixture for my tests which has a password column (binary datatype). The tool i am using uses EzCrypto gem for encrypting and decrypting passwords before they are stored/retrieved. Now if my column is binary i thought rails would automatically store the password as encrypted - but all i get is: 1) Error: test_is_working(FirstTest): RuntimeError: Failed to decode the field. Incorrect key? /Library/Ruby/Gems/1.8/gems/mislav-will_paginate-2.3.11/lib/will_paginate/finder.rb:170:in method_missing' unit/first_test.rb:8:insetup' 2) Error: test_sanity(FirstTest): RuntimeError: Failed to decode the field. Incorrect key? unit/first_test.rb:8:in `setup' Fixture file looks like this: first_hussle: type: FirstAccount user: jsewq username: [email protected] password: 'abc123' any clues?

    Read the article

  • File Encryption Operation

    - by kiruthika
    Hi All, I have doubt in gpg command operation . Actually we are using gpg command for encrypting the file . File.txt has following things. Testing hello world My security things. Now I am doing the file encryption for File.txt gpg --symmetric File.txt Now I got File.txt.gpg file , which is encrypted. My doubt, if some open that file and did someone changes in that I am not able get file content . It says my following things. $ gpg --decrypt File.txt.gpg gpg: no valid OpenPGP data found. gpg: decrypt_message failed: eof I want my file content , even though some body has done changes in that . what should I do for this problem....?

    Read the article

  • Encrypting Files with AES, Encrypting Key with RSA - Am I on the right track?

    - by Shawn Steward
    Overview: I'm trying to design an application that will encrypt files to safely send through the mail. I'm planning on using AES/RijndaelManaged encryption from .Net to encrypt the files initially, using a randomly generated key using RNGCryptoServiceProvider. I'm then encrypting this random AES key with a RSA Public key. The receiver of the data is the only one with the RSA Private key to decrypt it. My question: Is this the proper way to do something like this? If so, is it safe to send this RSA-Encrypted key with the data since it requires the private key to decrypt? Also - when having the end user generate their Public/Private key pair, what is the best way to save the Private key? I do not want it to be only accessible from one machine, so I am trying to avoid using the user's key store. But MSDN says it is not safe to save the key to a file, so how else can you accomplish this?

    Read the article

  • User account design and security...

    - by espinet
    Before I begin, I am using Ruby on Rails and the Devise gem for user authentication. Hi, I was doing some research about account security and I found a blog post about the topic awhile ago but I can no longer find it again. I read something about when making a login system you should have 1 model for User, this contains a user's username, encrypted password, and email. You should also have a model for a user's Account. This contains everything else. A User has an Account. I don't know if I'm explaining this correctly since I haven't seen the blog post for several months and I lost my bookmark. Could someone explain how and why I should or shouldn't do this. My application deals with money so I need to cover my bases with security. Thanks.

    Read the article

  • Centralized Credentials Service For Various Apps

    - by Vlad
    We are researching the possibility to build a centralized credentials storage for internal applications. These apps (vb6, vb.net, web apps in asp.net, etc) are using various instances of SQL servers and iSeries. We want to implement a central credentials facility that would act as a security broker. Basically it should work like this: Client app supplies AppID (I am Sales Application) and EnvironmentID (I am running in QA environment) and in return will get either a connection object (preferred) or encrypted connection string that will allow said application to connect to resources it needs. There will be cases when application needs to connect to two (or more) database resources (i.e. to SQL and iSeries). What are looking at DP API at the moment, but I am not convinced that DP API is the solution as it tied in with machine key. In our case using machine key isn't feasible, so I want to know if there are other approaches available.

    Read the article

  • dreamweaver sites

    - by ngreenwood6
    Hello, We have over 500 sites that we host. All of there ftp information is in a database. Whenever one of our programmers have to add a site they have to get all the info and set it up. However, I found that you can export them and it has all the info except for one problem. The password is encrypted. I am not trying to hack anything, I want to know how to encrypt our passwords so that we can import them using dreamweavers import feature. Can anyone tell me what encryption they use or a link on how to encrypt. I am not interested in decrypting at all because we already have all of them so it would not do me any good. Thanks for any help

    Read the article

  • Encrypt/Decrypt SQLite-database and use it "on the fly"

    - by Berschi
    Here's the thing: In my Qt4.6-Project, I use a SQLite-Database. This database shouldn't be unencrypted on my harddrive. So I want, that on every start of my program, the user gets asked to enter a password to decrypt the database. Of course the database never should appear "in clear" (not encrypted) on my harddrive. So is there any possibility to decrypt a SQLite-database "on the fly" and read and write data? What algorithm is here the best (maybe AES)? When it's not possible (or very slow), maybe it's better to encrypt every string in the database and decrypt the string when the password was right (so that a user could open the database, but has no clue what all the entrys could mean)?

    Read the article

  • Capture DDE Data that is being streamed in to a software

    - by user534391
    Hello, I have a trading software that gets data from the internet. I want to capture that tick data. There is one software that has been made by a local develop which is able to do that and it looks like it uses DDE (NDde.dll, NetSQL.dll). I want to write a custom application that does the same. Any pointers how I can check how the data is being streamed and how to capture that data. I don't think it is encrypted, since the other developer would not have been able to decrypt either. I just need to scan how the software is getting the data. Thank you.

    Read the article

  • mysql: encrypting and decrypting data

    - by cbrulak
    Does mysql provide a mechanism for storing and retrieving encrypted data? I don't mean passwords, I mean real strings. I'd like to encrypt a string, store in mysql and then retrieve the decrypted string at a later date. So, I know there is the AES_Encrypt and decrypt functions. But they ask for a key. (which is fine) but I wondering if you call those functions and use your user password as the key. Or something else that is super-simple. Also, is there a simple wrapper for the AES_Encrypt & decrypt functions in Rails? Or do you need to build the query manually?

    Read the article

  • Secure login on your domain with Google App Engine

    - by mhost
    Hi, We are starting a very large web based service project. We are trying to decide what hosting environment to use. We would really like to use Google App Engine for scalability reasons and to eliminate the need to deal with servers ourselves. Secure logins/registrations is very important to us, as well as using our own domain. Our target audience is not very computer savvy. For this reason, we don't want to have the users have to sign up with OpenID as this can't be done within our site. We also do not want to force our customers to sign up with Google. As far as I can see, I am out of luck. I am hoping to have a definite answer to this question. Can I have an encrypted login to our site accessed via our domain, without having to send the customers to another site for the login (OpenID/Google). Thanks.

    Read the article

  • Web.config encryption/decryption

    - by Akshay
    In my applications we.config file I have a connection string stored. I encrypted it using '---open the web.config file Dim config As Configuration = _ ConfigurationManager.OpenWebConfiguration( _ Request.ApplicationPath) '---indicate the section to protect Dim section As ConfigurationSection = _ config.Sections("connectionStrings") '---specify the protection provider section.SectionInformation.ProtectSection(protectionProvider) '---Apple the protection and update config.Save() Now I can decrypt it using the code Dim config As Configuration = _ ConfigurationManager.OpenWebConfiguration( _ Request.ApplicationPath) Dim section As ConfigurationSection = _ config.Sections("connectionStrings") section.SectionInformation.UnProtectSection() config.Save() I want to know where is the key stored. Also If somehow my web.config file is stolen, will it be possible for him/her to decrypt it using thhe code above.

    Read the article

  • Best way to encrypt certain fiels in SQL Server 2008?

    - by Josh
    I'm writing a .net web app that will read and write information to a SQL 2008 backend database. Some of this information will be highly confidential in nature so I want to encrypt certain data elements. I dont want to use TDE or any full-database encryption for performance reasons. My main concern is protecting this sensitive data as a last resort against a SQL injection or even a database server compromise. My question is what is the best way to do this to preserve performance? Is it faster to use the SQL2008 encryption functions such as EncryptByKey, or would it be faster to encrypt and decrypt the data in the .NET web app itself using a symmetric key stored in the secure web.config and store the encrypted values in the DB?

    Read the article

  • user model password field default password field in django

    - by imran-glt
    Hi, I've created a custom user model in my application. This user model is working fine, but there are a couple of problems I have with it. 1) The change password link in the my register.html page doesn't work? 2) The default password box on the add/edit page for a user is a little unfriendly. Ideally, what I'd like is the two password fields from the change password form on the add/edit user form in the admin, which will automatically turn convert the entered password into a valid encrypted password in Django. This would make the admin system MUCH friendlier and much more suited to my needs, as a fair number of user accounts will be created and maintained manually in this app, and the person responsible for doing so will likely be scared off at the sight of that admin field, or just type a clear text password and wonder why it doesn't work. Is this possible / How do I do this?

    Read the article

  • RSA Encrypt in PHP to decrypt in .NET

    - by user312904
    In PHP I am RSA encrypting a message to be decrypted by .NET application... but I keep getting a "Bad Key" exception from .NET.... For RSA encryption, I am using PEAR class Crypt_RSA- encrypting with the public key (which is a modulus, exponent pair) I get from working encryption system in .NET... I guess the easiest question would be- does "Bad Key" mean it is not able to decrypt the message whatsoever? IE, it is not encrypted correctly? The harder question is- Is there anything specific about RSA encryption that causes quirks between .NET and PHP?

    Read the article

  • Custom certificate as proof of transaction

    - by Andy
    I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

    Read the article

  • Authentication for SaaS

    - by josh
    What would be recommended as an authentication solution for a Software-as-a-service product? Specifically, my product would have clients that would typically have low information technology skills, potentially not even having an IT department within their organization. I would still like to have my application authenticate against their internal directory service (eDirectory, Active Directory, etc.). I don't want them, however, to have to open/forward ports (for instance, opening up port 636 so I can do LDAPS binds directly to their directory service). One idea I had was to have an application installed on a server within their organization's network that would backconnect to my service. This would be a persistant socket. When I need to authenticate a user, I send the credentials via the socket (encrypted) - the application then performs a bind/whatever to authenticate against the directory service and replies with OK/FAIL. What would you suggest? My goal here is to essentially have the client install an application within their network, with very little configuration or intervention.

    Read the article

  • What is cached on a client machine when using https.

    - by TroyP
    I have an application that is working on https for everybody and on http for all but two users. The two users get a JavaScript error when trying to "edit" a page while on http but can edit the page on https. The problem is for occurs for both IE6 and FF3.6 for one of these users. Others have no problem using any browser. I have used Charles Proxy to look at the server response and no request is being made to https when on http and all browser requests return successfully. I have cleared all caches known to me on the clients (browser, jvm). Are http and https caches stored in different locations on the clients computers. Could a cached encrypted file be being read on the unencrypted port.

    Read the article

  • Can't find .Net 2.0 XML Schema

    - by Zach Smith
    I'm currently setting up an application config for a WPF application written in .Net 4.0. The connection string in the app.config is encrypted like so: <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider"> <EncryptedData> <CipherData> <CipherValue>CypherValue</CipherValue> </CipherData> </EncryptedData> </connectionStrings> To use the EncryptedData element I need to include the XMLNS "http://schemas.microsoft.com/.NetConfiguration/v2.0". Attempting to include it produces an error as the schema cannot be found. Is there a way to include the schema or perhaps a different element I could use instead of EncryptedData?

    Read the article

  • Symfony 1.3 and forms: the password changes when i click on 'Save', why??

    - by user248959
    Hi, i have installed sfDoctrineGuardUser and have created this model that inherits sfGuardUser model: Usuario: inheritance: extends: sfGuardUser type: simple columns: nombre_apellidos: string(60) sexo: boolean fecha_nac: date provincia: string(60) localidad: string(255) email_address: string(255) avatar: string(255) avatar_mensajes: string(255) I have also created a module called 'miembros' based on that model. Well, I log normally through sfGuardAuth/signin, then i go to "miembros/edit/id/$id_of_the_member_i_used_to_log_in" and push 'Save' button. Then i logout. If i try to log in again, it says: "The username and/or password is invalid". Later, i have realized that when click 'Save' the value of the field 'password' changes (well its encrypted version). So that is the reason why i can not then log in. But, why the value of the password change when i click on 'Save' ??? Regards Javi

    Read the article

  • C# CF: file encryption/decryption on the fly

    - by nuttynibbles
    Hi, i've seen many article on encrypt/decrypt of file and typically a button is used to choose the file for encrypt and another button to decrypt the file. i've seen some application like truecrypt and probably others which does file encryption on-the-fly with transparent. this means that when a encrypted file is clicked to access, it will automatically decrypt and play/open the file. then when the file is closed, it will automatically encrypt again. some have said that the only way to detect file open is through file system filter. but is there other ways to do this in c# compact framework?

    Read the article

  • Exception - Illegal Block size during decryption(Android)

    - by Vamsi
    I am writing an application which encrypts and decrypts the user notes based on the user set password. i used the following algorithms for encryption/decryption 1. PBEWithSHA256And256BitAES-CBC-BC 2. PBEWithMD5And128BitAES-CBC-OpenSSL e_Cipher = Cipher.getInstance(PBEWithSHA256And256BitAES-CBC-BC); d_Cipher = Cipher.getInstance(PBEWithSHA256And256BitAES-CBC-BC); e_Cipher.init() d_Cipher.init() encryption is working well, but when trying to decrypt it gives Exception - Illegal Block size after encryption i am converting the cipherText to HEX and storing it in a sqlite database. i am retrieving correct values from the sqlite database during decyption but when calling d_Cipher.dofinal() it throws the Exception. I thought i missed to specify the padding and tried to check what are the other available cipher algorithms but i was unable to found. so request you to please give the some knowledge on what are the cipher algorithms and padding that are supported by Android? if the algorithm which i used can be used for padding, how should i specify the padding mechanism? I am pretty new to Encryption so tried a couple of algorithms which are available in BouncyCastle.java but unsuccessful. As requested here is the code public class CryptoHelper { private static final String TAG = "CryptoHelper"; //private static final String PBEWithSHA256And256BitAES = "PBEWithSHA256And256BitAES-CBC-BC"; //private static final String PBEWithSHA256And256BitAES = "PBEWithMD5And128BitAES-CBC-OpenSSL"; private static final String PBEWithSHA256And256BitAES = "PBEWithMD5And128BitAES-CBC-OpenSSLPBEWITHSHA1AND3-KEYTRIPLEDES-CB"; private static final String randomAlgorithm = "SHA1PRNG"; public static final int SALT_LENGTH = 8; public static final int SALT_GEN_ITER_COUNT = 20; private final static String HEX = "0123456789ABCDEF"; private Cipher e_Cipher; private Cipher d_Cipher; private SecretKey secretKey; private byte salt[]; public CryptoHelper(String password) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException { char[] cPassword = password.toCharArray(); PBEKeySpec pbeKeySpec = new PBEKeySpec(cPassword); PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, SALT_GEN_ITER_COUNT); SecretKeyFactory keyFac = SecretKeyFactory.getInstance(PBEWithSHA256And256BitAES); secretKey = keyFac.generateSecret(pbeKeySpec); SecureRandom saltGen = SecureRandom.getInstance(randomAlgorithm); this.salt = new byte[SALT_LENGTH]; saltGen.nextBytes(this.salt); e_Cipher = Cipher.getInstance(PBEWithSHA256And256BitAES); d_Cipher = Cipher.getInstance(PBEWithSHA256And256BitAES); e_Cipher.init(Cipher.ENCRYPT_MODE, secretKey, pbeParamSpec); d_Cipher.init(Cipher.DECRYPT_MODE, secretKey, pbeParamSpec); } public String encrypt(String cleartext) throws IllegalBlockSizeException, BadPaddingException { byte[] encrypted = e_Cipher.doFinal(cleartext.getBytes()); return convertByteArrayToHex(encrypted); } public String decrypt(String cipherString) throws IllegalBlockSizeException { byte[] plainText = decrypt(convertStringtobyte(cipherString)); return(new String(plainText)); } public byte[] decrypt(byte[] ciphertext) throws IllegalBlockSizeException { byte[] retVal = {(byte)0x00}; try { retVal = d_Cipher.doFinal(ciphertext); } catch (BadPaddingException e) { Log.e(TAG, e.toString()); } return retVal; } public String convertByteArrayToHex(byte[] buf) { if (buf == null) return ""; StringBuffer result = new StringBuffer(2*buf.length); for (int i = 0; i < buf.length; i++) { appendHex(result, buf[i]); } return result.toString(); } private static void appendHex(StringBuffer sb, byte b) { sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f)); } private static byte[] convertStringtobyte(String hexString) { int len = hexString.length()/2; byte[] result = new byte[len]; for (int i = 0; i < len; i++) { result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue(); } return result; } public byte[] getSalt() { return salt; } public SecretKey getSecretKey() { return secretKey; } public static SecretKey createSecretKey(char[] password) throws NoSuchAlgorithmException, InvalidKeySpecException { PBEKeySpec pbeKeySpec = new PBEKeySpec(password); SecretKeyFactory keyFac = SecretKeyFactory.getInstance(PBEWithSHA256And256BitAES); return keyFac.generateSecret(pbeKeySpec); } } I will call mCryptoHelper.decrypt(String str) then this results in Illegal block size exception My Env: Android 1.6 on Eclipse

    Read the article

  • SQLite multi process access

    - by Nicolas
    Hello, We are using SQLite in a multi processes and multi threaded application. The SQLite database files are encrypted using the embedded SQLite encryption. The FAQ states that SQLite should be able to manage multi process accesses using locks mechanism. We are experiencing a strange problem: When many threads are accessing the same database file, sometime constrains violations occur, more specifically - a field with a unique constrain is getting duplicate values after calling "insert or replace" statement. It happens quite often now, that we are using the encryption. Before we started using SQLite encryption we did not notice such a behavior. Are there any specific known issues with this?

    Read the article

  • Iterative / Additive MD5

    - by Andrew Robinson
    I need to generate a checksum over a dictionary. Keys and Values. Is there any simple way to accomplish this in an iterative way. foreach(var item in dic.Keys) checksum += checksum(dic[item]) + checksum(item); In this case, keys and values could be converted to strings, concatinated and then a single checksum applied over these but is there a better way? Ideally MD5 but other options could work. Using this to validate data that is passed over a couple of storage methods. The checksum is then encrypted along with some other information (using AES) so I am not horribly worried about an ideal, unbreakable checksum.

    Read the article

  • IE won't start session from an iframe?..

    - by jayarjo
    The task was to bypass login form on remote server with a session_id acquired through a call to server's web API. So that user wouldn't have to login twice. Since there's no way to set cookies for different domain. What we came up to was - put a little file on remote server, to which we pass encrypted session_id from hidden iframe and which is supposed to start a proper session for a remote app, which is then loaded in another iframe. This approach works fine in FF/Chrome, but not IE... However if I copy url to self-made remote authorization script from iframe's src attribute to to IE's address bar and load it from there, session get's created as expected. But for some reason it just doesn't want to do the same from an iframe. Does anyone have any clue, why this is happening?

    Read the article

  • Best Pratice to Implement Secure Remember Me

    - by Yan Cheng CHEOK
    Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >