Search Results

Search found 12055 results on 483 pages for 'password complexity'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 22/483 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • System recognizes admin password on the Welcome screen but not when elevating

    - by Lee C.
    I set up Windows 7 with a couple of standard accounts, and an administrator account (called Odin). I can log in to Odin just fine from the Welcome screen. While logged into Odin I can do anything that requires administrator privileges without a password: just hit Yes in the User Account Control dialog. If I am logged into one of the other accounts and I do something that requires elevation (e.g. most installers, and some control panel functionality), then Windows presents me with a User Account Control dialog asking "Do you want to allow the following program to make changes to this computer? To continue, type an administrator password, and then click Yes." The account shown in this dialog is Odin, so I enter Odin's password. But Windows redisplays the dialog with the message "Logon failure: unknown user name or bad password." This always happens, and has done so for many months, probably since I first got the computer. Why does Odin's password work from the Welcome screen, but not when elevating? Please note that I am not asking how to recover Odin's password. I remember the password I originally set for Odin, and it works as it should from the Welcome screen, but is not recognized when elevating. The password has no funny characters, just letters and digits. Thanks!

    Read the article

  • What is the best way to password protect folder/page using php without a db or username

    - by Salt Packets
    What is the best way to password protect folder using php without a database or user name but using. Basically I have a page that will list contacts for organization and need to password protect that folder without having account for every user . Just one password that gets changes every so often and distributed to the group. I understand that it is not very secure but never the less I would like to know how to do this. In the best way. It would be nice if the password is remembered for a while once user entered it correctly.

    Read the article

  • Is sending a hashed password over the wire a security hole?

    - by Ubiquitous Che
    I've come across a system that is in use by a company that we are considering partnering with on a medium-sized (for us, not them) project. They have a web service that we will need to integrate with. My current understanding of proper username/password management is that the username may be stored as plaintext in the database. Every user should have a unique pseudo-random salt, which may also be stored in plaintext. The text of their password must be concatenated with the salt and then this combined string may be hashed and stored in the database in an nvarchar field. So long as passwords are submitted to the website (or web service) over plaintext, everything should be just lovely. Feel free to rip into my understanding as summarized above if I'm wrong. Anyway, back to the subject at hand. The WebService run by this potential partner doesn't accept username and password, which I had anticipated. Instead, it accepts two string fields named 'Username' and 'PasswordHash'. The 'PasswordHash' value that I have been given does indeed look like a hash, and not just a value for a mis-named password field. This is raising a red flag for me. I'm not sure why, but I feel uncomfortable sending a hashed password over the wire for some reason. Off the top of my head I can't think of a reason why this would be a bad thing... Technically, the hash is available on the database anyway. But it's making me nervous, and I'm not sure if there's a reason for this or if I'm just being paranoid.

    Read the article

  • Big O Complexity of a method

    - by timeNomad
    I have this method: public static int what(String str, char start, char end) { int count=0; for(int i=0;i<str.length(); i++) { if(str.charAt(i) == start) { for(int j=i+1;j<str.length(); j++) { if(str.charAt(j) == end) count++; } } } return count; } What I need to find is: 1) What is it doing? Answer: counting the total number of end occurrences after EACH (or is it? Not specified in the assignment, point 3 depends on this) start. 2) What is its complexity? Answer: the first loops iterates over the string completely, so it's at least O(n), the second loop executes only if start char is found and even then partially (index at which start was found + 1). Although, big O is all about worst case no? So in the worst case, start is the 1st char & the inner iteration iterates over the string n-1 times, the -1 is a constant so it's n. But, the inner loop won't be executed every outer iteration pass, statistically, but since big O is about worst case, is it correct to say the complexity of it is O(n^2)? Ignoring any constants and the fact that in 99.99% of times the inner loop won't execute every outer loop pass. 3) Rewrite it so that complexity is lower. What I'm not sure of is whether start occurs at most once or more, if once at most, then method can be rewritten using one loop (having a flag indicating whether start has been encountered and from there on incrementing count at each end occurrence), yielding a complexity of O(n). In case though, that start can appear multiple times, which most likely it is, because assignment is of a Java course and I don't think they would make such ambiguity. Solving, in this case, is not possible using one loop... WAIT! Yes it is..! Just have a variable, say, inc to be incremented each time start is encountered & used to increment count each time end is encountered after the 1st start was found: inc = 0, count = 0 if (current char == start) inc++ if (inc > 0 && current char == end) count += inc This would also yield a complexity of O(n)? Because there is only 1 loop. Yes I realize I wrote a lot hehe, but what I also realized is that I understand a lot better by forming my thoughts into words...

    Read the article

  • Is there a shorthand term for O(n log n)?

    - by jemfinch
    We usually have a single-word shorthand for most complexities we encounter in algorithmic analysis: O(1) == "constant" O(log n) == "logarithmic" O(n) == "linear" O(n^2) == "quadratic" O(n^3) == "cubic" O(2^n) == "exponential" We encounter algorithms with O(n log n) complexity with some regularity (think of all the algorithms dominated by sort complexity) but as far as I know, there's no single word we can use in English to refer to that complexity. Is this a gap in my knowledge, or a real gap in our English discourse on computational complexity?

    Read the article

  • How secure is a bluetooth keyboard against password sniffing?

    - by jhs
    In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put those passwords at risk? Another way of asking would be: what security and encryption protocols are used, if any, to establish a bluetooth connection between a keyboard and host system?

    Read the article

  • How can i recover a zip password using CUDA (GPU) ?

    - by marc
    How can i recover a zip password on linux using CUDA (GPU). For the past two days i tried using "fcrackzip" but it's too slow Few months back i saw some application that can use GPU / CUDA and get large performance boost in comparison to CPU. If brute-force using cuda is not possible, please tell me what's the best application for performing a dictionary attack, and where can i find best (largest) dictionary. Regards

    Read the article

  • repeated request for wireless password, no wireless connection

    - by Tris
    whenever i try to connect to a wireless network, ubuntu (11.10) asks for the password. when i enter this it thinks for a couple of minutes, then asks for the password again. This happens repeatedly. (it isn't a problem with the wireless modem itself, as i can connect to wireless from the windows 7 opererating system i have running along side ubuntu. If anyone has any ideas about how to fix this they would be much appreciated! Thanks

    Read the article

  • When is a domain computer account scheduled to change the password?

    - by Jason Stangroome
    I understand domain-joined computers have machine accounts in AD and these accounts have passwords that expire (apparently every 30 days by default) and those passwords are automatically changed without user intervention. Given that this is known to cause issues when restoring snapshots of domain-joined virtual machines, is it possible to query the domain-joined computer or AD to determine when the machine account password is next scheduled to be changed?

    Read the article

  • How to Reset Your Forgotten Domain Admin Password on Server 2008 R2

    - by Taylor Gibb
    Forgetting your password is always a pain, but luckily there’s an easy way to reset your Domain Administrator password. All you need is a copy of the Windows Server 2008 R2 installation disk and one simple command line trick. HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font Customization

    Read the article

  • Using a saved password for remote desktop access from Windows 7

    - by TATWORTH
    This past week I have been accessing a remote server by remote desktop access from a Windows 7 PC. Whilst I could save the password, windows 7 will not use it if the remote system is not fully verified. The fix is excellently documented at http://www.perceptible.net/post/2009/02/03/How-To-Enable-Use-of-Saved-Credentials-with-Remote-Desktop-to-Almost-Fully-Authenticated-Machines.aspx I used it and the connection process stopped asking for the password to be re-entered! (n.b. no gpedit -force is required)

    Read the article

  • How do I password protect my printer in Windows 7?

    - by Dillie-O
    I have two young kids who have gotten rather computer saavy. They love playing their games, especially when it allows them to print out awards or coloring pages. Unfortunately this means that in the time it takes to refresh my cup of coffee, they can easily drop a 10 page document into the printer queue, and my printer ink runs out rather fast. How would I setup some kind of password protection on the printing, so that I would have to do some kind of final approval before they get their printouts?

    Read the article

  • Require password to login to Nexus 7

    - by gnudoc
    The default behavior in the Nexus 7 Image is to log straight in to the default user's desktop, bypassing the lightdm greeter. This seems like an acceptable behavior for testing the core but it's clearly insecure. I've changed the default password and would like lightdm to actually require the password to be entered, rather than just having a button that says "login". I've turned automatic login on and off in System Settings ? User Accounts but this doesn't help. Any suggestions?

    Read the article

  • Help needed in grokking password hashes and salts

    - by javafueled
    I've read a number of SO questions on this topic, but grokking the applied practice of storing a salted hash of a password eludes me. Let's start with some ground rules: a password, "foobar12" (we are not discussing the strength of the password). a language, Java 1.6 for this discussion a database, postgreSQL, MySQL, SQL Server, Oracle Several options are available to storing the password, but I want to think about one (1): Store the password hashed with random salt in the DB, one column Found on SO and elsewhere is the automatic fail of plaintext, MD5/SHA1, and dual-columns. The latter have pros and cons MD5/SHA1 is simple. MessageDigest in Java provides MD5, SHA1 (through SHA512 in modern implementations, certainly 1.6). Additionally, most RDBMSs listed provide methods for MD5 encryption functions on inserts, updates, etc. The problems become evident once one groks "rainbow tables" and MD5 collisions (and I've grokked these concepts). Dual-column solutions rest on the idea that the salt does not need to be secret (grok it). However, a second column introduces a complexity that might not be a luxury if you have a legacy system with one (1) column for the password and the cost of updating the table and the code could be too high. But it is storing the password hashed with a random salt in single DB column that I need to understand better, with practical application. I like this solution for a couple of reasons: a salt is expected and considers legacy boundaries. Here's where I get lost: if the salt is random and hashed with the password, how can the system ever match the password? I have theory on this, and as I type I might be grokking the concept: Given a random salt of 128 bytes and a password of 8 bytes ('foobar12'), it could be programmatically possible to remove the part of the hash that was the salt, by hashing a random 128 byte salt and getting the substring of the original hash that is the hashed password. Then re hashing to match using the hash algorithm...??? So... any takers on helping. :) Am I close?

    Read the article

  • In Puppet, how would I secure a password variable (in this case a MySQL password)?

    - by Beaming Mel-Bin
    I am using Puppet to provision MySQL with a parameterised class: class mysql::server( $password ) { package { 'mysql-server': ensure => installed } package { 'mysql': ensure => installed } service { 'mysqld': enable => true, ensure => running, require => Package['mysql-server'], } exec { 'set-mysql-password': unless => "mysqladmin -uroot -p$password status", path => ['/bin', '/usr/bin'], command => "mysqladmin -uroot password $password", require => Service['mysqld'], } } How can I protect $password? Currently, I removed the default world readable permission from the node definition file and explicitly gave puppet read permission via ACL. I'm assuming others have come across a similar situation so perhaps there's a better practice.

    Read the article

  • How to create a password-less service account in AD?

    - by Andrew White
    Is it possible to create domain accounts that can only be accessed via a domain administrator or similar access? The goal is to create domain users that have certain network access based on their task but these users are only meant for automated jobs. As such, they don't need passwords and a domain admin can always do a run-as to drop down to the correct user to run the job. No password means no chance of someone guessing it or it being written down or lost. This may belong on SuperUser ServerFault but I am going to try here first since it's on the fuzzy border to me. I am also open to constructive alternatives.

    Read the article

  • How secure is a bluetooth keyboard against password sniffing?

    - by jhs
    In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put those passwords at risk? Another way of asking would be: what security and encryption protocols are used, if any, to establish a bluetooth connection between a keyboard and host system? Edit: Final Summary All answers are excellent. I accepted that which links to the most directly applicable information however I also encourage you to read Nathan Adams's response and discussion about security trade-offs.

    Read the article

  • WinXP password messed up after reset

    - by Mark Flint
    I changed my winXP logon password - but could not get in. Obviously I made the some mistake twice... caps lock or something but couldn't get the password. So I booted into safe mode, when into Users and changed the password. Now I when I restart I can get in at logon with my new password, but the standard screensaver - which used to be the same as my user logon - now is something different. I think it's still the previous one which I couldn't get right. Now when I go into Users (not in safe mode) and try and change the password I can't. It won't accept my new user logon which works fine when logging on. I think this too is still the previous one which I couldn't get right. How can I definitely reset the password so it works at logon, in the control panel/users, and the screensaver?

    Read the article

  • Issue changing mysql password on Debian

    - by Sean
    I installed mysql on my Debian server. I couldn't get into the database because it kept saying I put in the wrong password so I looked on the internet and found that I could log onto mysql using the command sudo mysql --defaults-file=/etc/mysql/debian.cnf From there I went typed use mysql;then mysql> UPDATE user SET password=PASSWORD('password') WHERE user='root'; Which I know switched the password because I typed the command select Host, User, Password from user; And it showed the encrypted characters had changed for all three of the root user categories. But I am still not able to login to mysql using mysql -u root -p

    Read the article

  • How can I restore the stored password in firefox 15.0.1 when deleted by error?

    - by Bob Legringe
    I, by error, deleted my stored passwords, using the "Wise disc cleaner 7" program. As I saw on another thread, the passwords are stored in 2 files signons.sqlite and the encryption key file key3.db When opening the file signons.sqlite with the text editor, I can see that the web adresses of the sites belonging to the passwords are still there. They have not been deleted by the "Wise disc cleaner 7" program, and adding a stored password on Firefox just modifies the file. However, Firefox will not display my old stored passwords and neither their respective sites. Is there any way to "undelete" the passwords?

    Read the article

  • Keyring no longer prompts for password when SSH-ing

    - by Lie Ryan
    I remember that I used to be able to do ssh [email protected] and have a prompt asks me for a password to unlock the keyring for the whole GNOME session so subsequent ssh wouldn't need to enter the keyring password any longer (not quite sure if this is in Ubuntu or other distro). But nowadays doing ssh [email protected] would ask me, in the terminal, my keyring password every single time; which defeats the purpose of using SSH keys. I checked $ cat /etc/pam.d/lightdm | grep keyring auth optional pam_gnome_keyring.so session optional pam_gnome_keyring.so auto_start which looks fine, and $ pgrep keyring 1784 gnome-keyring-d so the keyring daemon is alive. I finally found that SSH_AUTH_SOCK variable (and GNOME_KEYRING_CONTROL and GPG_AGENT_INFO and GNOME_KEYRING_PID) are not being set properly. What is the proper way to set this variable and why aren't they being set in my environment (i.e. shouldn't they be set in default install)? I guess I can set it in .bashrc, but then the variables would only be defined in bash session, while that is fine for ssh, I believe the other environment variables are necessary for GUI apps to use keyring.

    Read the article

  • SQLAuthority News – Wireless Router Security and Attached Devices – Complex Password

    - by pinaldave
    In the last four days (April 21-24), I have received calls from friends who told me that they have got strange emails from me. To my surprise, I did not send them any emails. I was not worried until my wife complained that she was not able to find one of the very important folders containing our daughter’s photo that is located in our shared drive. This was alarming in my par, so I started a search around my computer’s folders. Again, please note that I am by no means a security expert. I checked my entire computer with virus and spyware, and strangely, there I found nothing. I tried to think what can cause this happening. I suddenly realized that there was a power outage in my area for about two hours during the days I have mentioned. Back then, my wireless router needed to be reset, and so I did. I had set up my WPA-PSK [TKIP] + WPA2-PSK [AES] very well. My key was very simple ( ‘SQLAuthority1′), and I never thought of changing it. (It is now replaced with a very complex one). While checking the Attached Devices, I found out that there was another very strange computer name and IP attached to my network. And so as soon as I found out that there is strange device attached to my computer, I shutdown my local network. Afterwards, I reconfigured my wireless router with a more complex security key. Since I created the complex password, I noticed that the user is no more connecting to my machine. Subsequently, I figured out that I can also set up Access Control List. I added my networked computer to that list as well. When I tried to connect from an external laptop which was not in the list but with a valid security key, I was not able to access the network, neither able to connect to it. I wasn’t also able to connect using a remote desktop, so I think it was good. If you have received any nasty emails from me (from my gmail account) during the afore-mentioned days, I want to apologize. I am already paying for my negligence of not putting a complex password; by way of losing the important photos of my daughter. I have already checked with my client, whose password I saved in SSMS, so there was no issue at all. In fact, I have decided to never leave any saved password of production server in my SSMS. Here is the tip SQL SERVER – Clear Drop Down List of Recent Connection From SQL Server Management Studio to clean them. I think after doing all this, I am feeling safe right now. However, I believe that safety is an illusion of many times. I need your help and advice if there is anymore I can do to stop unauthorized access. I am seeking advice and help through your comments. Reference : Pinal Dave (http://www.SQLAuthority.com) Filed under: SQL, SQL Authority, SQL Query, SQL Security, SQL Server, SQL Tips and Tricks, SQLAuthority News, T SQL, Technology

    Read the article

  • How can I cache a Subversion password on a server, without storing it in unencrypted form?

    - by Zilk
    My Subversion server only provides access via HTTPS; support for svn+ssh has been dropped because we wanted to avoid creating system users on that machine just for SVN access. Now I'm trying to provide a way for users to cache their passwords for a while, without leaving them stored on the filesystem in unencrypted form. This is no problem for Gnome or KDE users, because they can use gnome-keyring and kwallet, respectively. IIRC, TortoiseSVN has a similar caching mechanism, too. But what about users on a non-GUI system? Some context: in this case, we have a development/testing server where one project has been checked out into the Apache htdocs directory. Development for this project is almost complete, and only minor text/layout changes are performed directly on this server. Nevertheless, the changes should be checked into the repository. There's no kwallet and no gnome-keyring on this system, and the ssh-agent can't help because the repository is accessed via https instead of svn+ssh. As far as I know, that leaves them the choice of entering the password every time they talk to the SVN server, or storing it in an insecure way. Is there any way to get something like what gnome-keyring and kwallet provide in a non-GUI environment?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >