Search Results

Search found 21719 results on 869 pages for 'password security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 204/869 | < Previous Page | 200 201 202 203 204 205 206 207 208 209 210 211  | Next Page >

  • How secure is encryption?

    - by Stomped
    Let me preface this by saying I know nothing about encryption. I understand the basic concept of public key / private key encryption but I don't how easily it can be broken, if at all. If one were to believe the movies, encrypted data can be broken by a teenager with a decent computer in a few hours. I have a client who wants credit card information sent via email - encrypted of course, but I'm still not feeling terribly good about the idea. I feel it would be safer to store the info on the VPS, but even then its an unmanaged server and there's nobody watching it who knows much about security. So can anyone tell me if there's a safe way to store and/or send this data out? Thanks

    Read the article

  • What is a good way to simulate O_NOFOLLOW on systems without this flag?

    - by Daniel Trebbien
    I would like to safely be able to simulate open with O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW and O_CREAT | O_WRONLY | O_APPEND | O_NOFOLLOW on systems that do not support O_NOFOLLOW. I can somewhat achieve what I am asking for with: struct stat lst; if (lstat(filename, &lst) != -1 && S_ISLNK(lst.st_mode)) { errno = ELOOP; return -1; } mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH; int fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW, mode); but then I introduce a race condition and possibly a security problem. I thought about maybe creating a dummy file with only the user being able to write, kind of like touching filename, doing the lstat check, and then using chmod after I finish writing (to correct the file mode bits), but I could be overlooking something major (e.g. if the file at filename exists, is not a regular file, or is already a symbolic link). What do you think?

    Read the article

  • Good ACL implementation in Java

    - by yonconf
    Hi All. I'm implementing a web based document management system and I'd like to implement ACLs in my system. My formal requirements are hierarchal permissions (documents inherit permissions from their folders) user groups (users can dynamically create groups and associate users with groups). Such groups can have permissions on objects in the system. My code will query permission on objects in two cases: 1. Manipulating a single document 2. Listing all documents where a manipulation is possible The latter requirement seems the achilles heel for Spring Security ACLs (their method seems likely to incur multiple DB hits for each document I manage) Anyone know of another ACL implementation? Thanks!

    Read the article

  • Why can't I log into Lubuntu after the 13.04 update, even if I know the password?

    - by gudrun
    After the 13.04 update the login screen started to appear, even though I chose to automatically login in the Lubuntu install options one week ago. Even if my password and username is correct it won't login, it will just come back to the login screen. When I press ALT-CTRL-F1 at the login screen I am able to login perfectly, but I have no GUI and I'm kind of lost on that field. WHat is going?Is it just a bug? Can I downgrade?I tried several forums with different solutions but none of them worked.

    Read the article

  • How can I authenticate Ubuntu Software Center with user password?

    - by user71852
    I would like to be able to use the password associated with this account to install packages with the GUI. Ideally, I would change the settings so that any user with sudo permissions could install packages. If that is not possible, I would like to be able to list all users that should be able to install. I know that this involves making changes to Policy Kit, and I have read a page with a similar question. However, I must need information specific to my own problem, because all my attempts so far have failed.

    Read the article

  • Is it more secure to run a desktop app in a applet?

    - by Tom Brito
    Fist of all, when I say "run a desktop app in a applet" I mean do a Applet application that runs off-line, instead of a Desktop application that runs inside a JFrame. The little I know about applets (and maybe something I say is wrong, please correct me) is that applets have all permitions not granted by default. Also, the applets run inside a Sandbox, that does not allow information in or out without explicity permition. So, if I am focused on security in my application, its best to run it inside an applet (off-line, for a desktop application) then inside a JFrame. Is it right?

    Read the article

  • Why is using a Non-Random IV with CBC Mode a vulnerability?

    - by The Rook
    I understand the purpose of an IV. Specifically in CBC mode this insures that the first block of of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IV's are sequential? According to CWE-329 NON-Random IV's allow for the possibility of a dictionary attack. I know that in practice protocols like WEP make no effort to hide the IV. If the attacker has the IV and a cipher text message then this opens the door for a dictionary attack against the key. I don't see how a random iv changes this. (I know the attacks against wep are more complex than this.) What security advantage does a randomized iv have? Is this still a problem with an "Ideal Block Cipher"? (A perfectly secure block cipher with no possible weaknesses.)

    Read the article

  • Application Role and access second database

    - by lszk
    I have written a script to create an audit trails to my database in a second one db. So far I had no problems during tests on my dev machine from SQL Server Management Studio. Problems started to occurs when I first tried to test my triggers from my application by modyfing data in it. Using profiler I found out, that my audit trails db is not visible in sys.databases, so here lies the problem. The application using an Application Role, so as I found on MSDN, that's why I can't get access to other db on the server. I'm not a DBA. I have no experience with properly settings the security stuff, so please guide me, how can I set the setting for guest account (according to MSDN) to get access to this db? I need to have a record for this database in sys.databases and I need to be able to insert data in this database in all tables. No select, update or delete I need.

    Read the article

  • What information about a user is available via PHP?

    - by Camran
    This is about a classifieds website, where anyone may post classifieds. I have a security database which I intend to fill with information about the user who posts the classifieds. I intend to record information such as IP, name, tel, email, classified_text, classified_title etc etc. The reason for all this is that sometimes people become victims of fraud (fake classifieds etc). So I wonder, what information is possible to get from the poster which may help in tracking him/her down? IP is a given, but what else could be useful? And I would much like examples of how it would be useful also, as well as the code for it please, like $_SERVER['REMOTE_ADDR']. And btw, I use PHP and have Sql as a database. Thanks

    Read the article

  • How to check an exectuable's path is correct in PHP?

    - by nickf
    I'm writing a setup/installer script for my application, basically just a nice front end to the configuration file. One of the configuration variables is the executable path for mysql. After the user has typed it in (for example: /path/to/mysql-5.0/bin/mysql or just mysql if it is in their system PATH), I want to verify that it is correct. My initial reaction would be to try running it with "--version" to see what comes back. However, I quickly realised this would lead to me writing this line of code: shell_exec($somethingAUserHasEntered . " --version"); ...which is obviously a Very Bad Thing. Now, this is a setup script which is designed for trusted users only, and ones which probably already have relatively high level access to the system, but still I don't think the above solution is something I want to write. Is there a better way to verify the executable path? Perhaps one which doesn't expose a massive security hole?

    Read the article

  • Symfony 2 form repeated validation in Entity with annotation

    - by Sukhrob
    My question is "How can I do form repeated validation in Entity with annotation?". I have an Account entity with (email, password and confirmPassword) attributes. When a new user registers a new account, he/she has to fill in email, password and confirmPassword fields. Obviously, password and confirmPassword fields must match. I saw an example of this validation with pure php (form builder) in Stachoverflow like below. $builder->add('password', 'repeated', array( 'type' => 'password', 'first_name' => 'Password', 'second_name' => 'Password confirmation', 'invalid_message' => 'Passwords are not the same', )); But, this is not what I want. I want this functionality with annotation in my Account entity. Maybe * @Assert\Match( * matchField = "password", * message = "The password confirmation does not match password." * ) protected $confirmPassword;

    Read the article

  • how to use same password on different userform on specicy worksheet?

    - by user3736237
    How to use same pw on different userform on specicy worksheet? E.g worksheet 1 open userform1 & worksheet 2 open userform2, but both using same password? This is the password ElseIf Pw = "1234" Then ImageNo = "PicGoh" pwno = 2 Or pwno = 3 ' ElseIf Pw = "1111" Then ' ImageNo = "PicGoh" ' pwno = 3 ElseIf Pw = "" Then pwno = 0 Else pwno = 1 End If End Sub Sub Mac3() If pwno = 0 Then Exit Sub ElseIf pwno = 3 Then UserForm2.Show ElseIf pwno = 2 Then UserForm1.Show ElseIf pwno = 1 Then MyVar = MsgBox("Wrong Password! Please Key In Your Password Again") If MyVar = 1 Then MacPw Mac3 End If End If End Sub

    Read the article

  • How do I reset my BIOS password on a Advent 4211 Netbook?

    - by SocialAddict
    The title says it all really but I was hoping for a software solution to remove the password or find out what it is or even change it. It's my laptop but I can't remember what I set the BIOS password too. I know on a PC to take out the battery and clear it with the jumpers but on a laptop I'm slightly scared of breaking something. Any help would be appreciated as I'm currently without a machine!

    Read the article

  • how to disable RemoteApp sessions lock if idle for 10 minutes and require no user needs to input password to unlock?

    - by Carlos Sanchez
    RemoteApp sessions lock if idle for 10 minutes, user needs to input password to unlock. My users are running an application from Win2008 Terminal server using RemoteApp. If the application remains idle for 10 minutes it gets "locked" and the user is required to enter username and password to continue using it. This is VERY VERY annoying as the app usually sits idle for bout 20-30 minutes, used for 1 min... repeat.

    Read the article

  • how to disable RemoteApp sessions lock if idle for 10 minutes and require no user needs to input password to unlock?

    - by Carlos Sanchez
    RemoteApp sessions lock if idle for 10 minutes, user needs to input password to unlock. My users are running an application from Win2008 Terminal server using RemoteApp. If the application remains idle for 10 minutes it gets "locked" and the user is required to enter username and password to continue using it. This is VERY VERY annoying as the app usually sits idle for bout 20-30 minutes, used for 1 min... repeat.

    Read the article

  • How to change permission of my centos if I don't have the root password?

    - by Ali
    I've setup server on mac using virtualbox and my server is centos. but the guy who did it for me he forgot the root password that he setup at the beginning and what happen now is my website have a lot of problem due to the permission issues. So what can I do in order to retrive the password or even to change my permission without using root? The group for my website is apache and I believe I'm not in the same group.

    Read the article

  • How do I set or remove a Windows SMB password?

    - by David Is Not Here
    I recently purchased a computer with the intention of using it as network-attached storage. It presently has no Windows password and only one account. Can I create two different shares (share two different folders) in different ways -- make one publicly accessible, and make another only visible to people with a certain username/password combination? Creating multiple users isn't a problem, I just can't figure out where to start within Windows.

    Read the article

  • How can you avoid being asked to enter your BitBucket password when you push to BitBucket wiki?

    - by CalumJEadie
    I'm not sure if everyone experiences this - when I edit a BitBucket wiki locally (through a git repository) I have to enter my BitBucket password for every pull and push. Is there any way around this? I have ssh correctly configured to use a key that is unlocked by gnome-keyring. Pushing to the code repository for my project in BitBucket works fine - I do not need to enter either by BitBucket or ssh key password.

    Read the article

  • How do I get SQL Profiler to show statements with column names like 'password'?

    - by Kev
    I'm profiling a database just now and need to see the UPDATE and INSERT statements being executed on a particular table. However, because the table has a 'Password' column the SQL Profiler is being understandingly cautious and replacing the TextData column with: -- 'password' was found in the text of this event. -- The text has been replaced with this comment for security reasons. How do I prevent it doing this because I need to see the SQL statement being executed?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 200 201 202 203 204 205 206 207 208 209 210 211  | Next Page >