Search Results

Search found 21719 results on 869 pages for 'password security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 169/869 | < Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176  | Next Page >

  • Hashes or tokens for "remember me" cookies?

    - by Emanuil Rusev
    When it comes to remember me cookies, there are 2 distinct approaches: Hashes The remember me cookie stores a string that can identify the user (i.e. user ID) and a string that can prove that the identified user is the one it pretends to be - usually a hash based on the user password. Tokens The remember me cookie stores a random (meaningless), yet unique string that corresponds with with a record in a tokens table, that stores a user ID. Which approach is more secure and what are its disadvantages?

    Read the article

  • Recent OpenSLL book

    - by Martin
    Does anyone know of a more recent OpenSLL book then Network Security with OpenSSL: Cryptography for Secure Communications (http://www.opensslbook.com/). It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is to recent.

    Read the article

  • Using @Secured Annotation causes IS_FULLY_AUTHENTICATED problem in grails

    - by TripWired
    I'm using Acegi/Spring Security in grails and when i use the annotations like @Secured(['ROLE_ADMIN']) it denies my login even though the user is part of ROLE_ADMIN. In looking through the login is it seems that it's getting an IS_AUTHENTICATED_FULLY role also but I have never added that to a page so i'm not sure how to bypass that. I read somewhere to preauthorize the user, but i'm not sure how to do that with grails.

    Read the article

  • How to test a site rigorously?

    - by Sarfraz
    Hello, I recently created a big portal site. It's time for putting it to test. How do you guys test a site rigorously? What are the ways and tools for that? Can we sort of mimic hundreds of virtual users visiting the site to see its load handling? The test should be for both security and speed Thanks in advance.

    Read the article

  • Is there a current OpenSSL book?

    - by Martin
    Does anyone know of a more recent OpenSSL book than "Network Security with OpenSSL: Cryptography for Secure Communications" (http://www.opensslbook.com/)? It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is too recent.

    Read the article

  • Is it possible to create a FIPS 140-2 compliant server in Perl?

    - by Nayruden
    The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go about it from a C perspective? I'm basically creating a mini-httpd that only serves up a single file, but due to security restrictions it needs to be served up on SSL under FIPS compliance.

    Read the article

  • Can a python view template be made to be 'safe/secure' if I make it user editable?

    - by Blankman
    Say I need to have a templating system where a user can edit it online using an online editor. So they can put if tags, looping tags etc., but ONLY for specific objects that I want to inject into the template. Can this be made to be safe from security issues? i.e. them somehow outputing sql connection string information or scripting things outside of the allowable tags and injected objects.

    Read the article

  • Interrogating Java source code

    - by VibeofBoston
    I have a Java source code that I need to interrogate and apply security policies [for e.g. applying CWE] I have couple of ideas, for starters using AST and then travel thru the tree. Others include using regular expression. Are there any options other than AST or regex that I could use for such process.

    Read the article

  • Node.js A Good authentication module ? or whats the proper way to authenticate users?

    - by Mohamed Ahmed
    I'm learning Node.js and looking forward to create a simple web application which will be based on Express and I was thinking of something like creating user groups and each group has its own users and each group has its own permissions (Just like ACL in Cakephp) So can anyone recommend a good module or whatever to do so ? Also I'm a little curious about security and how these passwords are going to be saved and what type of encryption the passwords will be encrypted in. Thanks :)

    Read the article

  • Unsure how to modify userDetailsService to allow for custom userDetails but keep datasource

    - by adam2510
    what i am trying to do is i'm following this http://www.theserverside.com/tip/-Spring-Security-Customizing-Your-User-and-Authorization-in website to attempt to customise the UserDetails so i can retrieve more fields regarding to the user... as far as implementing the UserDetails, where i am confused is the UserDetailsService at the moment i only have the code for the userDetailsService that is in the website linked above i'm just not sure on how to go about doing it

    Read the article

  • Are WCF Services encrypted automatically if they go over SSL?

    - by michael
    Basically, if I have a plain WCF Service over HTTPS is it automatically secure? [ServiceContract] public interface ICalc { [OperationContract] int add(int a, int b); } public class Calculator : ICalc { public int add(int a, int b) { return a + b; } } I figure the actual SOAP message isn't encrypted here, but is it still secure if I use https? Basically, if I use a basichttpbinding with no security settings in my config over https://www.myserver.com/services/Calc.svc is that secure?

    Read the article

  • Is it possible to authenticate on another website?

    - by Blankman
    If I am on a website#1, and I enter my username/pwd for website#2 on a login page that is on website#1, and website#1, behind the scenes, makes a httpwebrequest to website#2 and posts to the login page. If I then navigate to website#2, should I be logged in? website#2 uses formsauthentication and I call a httpHandler that is on website#2 and pass it the username/password via the querystring. Should this work?

    Read the article

  • Is there a Veil-like plug-in for MySQL?

    - by Kevin
    We have a MySQL database and would like to have row-level security implemented at the database level. I have been playing with the Veil plug-in for PostgreSQL and like what it does. Is there something similar for MySQL so we do not have to convert over to PostgreSQL?

    Read the article

  • How to disallow a windows service stop

    - by Saar
    I have some security related service running on my machine (start type = automatic) In the service control manager, the stop/restart commands are grayed out. I was wondering how can I develop such service for which the stop operation is disallowed. Note that I am logged in as an administrator

    Read the article

  • What's the big deal with brute force on hashes like MD5

    - by Jan Kuboschek
    I just spent some time reading http://stackoverflow.com/questions/2768248/is-md5-really-that-bad (I highly recommend!). In it, it talks about hash collisions. Maybe I'm missing something here, but can't you just encrypt your password using, say, MD5 and then, say, SHA-1 (or any other, doesn't matter.) Wouldn't this increase the processing power required to brute-force the hash and reduce the possibility of collision?

    Read the article

  • CPU emulator on C for assembler

    - by krlzx00
    Hi, there. I have a problem. I´m working on a little aplication of security, but i recived an array that means a bytes, and that bytes can be interpreted as a assembler code, so my cuestion is.... some one knows a library that a i can use on my aplication that can execute this bytes and show what it do, or something like that?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176  | Next Page >