Search Results

Search found 15931 results on 638 pages for 'password storage'.

Page 26/638 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • php regex for strong password validation

    - by Jason
    Hello, I've seen around the web the following regex (?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$ which validates only if the string: * contain at least (1) upper case letter * contain at least (1) lower case letter * contain at least (1) number or special character * contain at least (8) characters in length I'd like to know how to convert this regex so that it checks the string to * contain at least (2) upper case letter * contain at least (2) lower case letter * contain at least (2) digits * contain at least (2) special character * contain at least (8) characters in length well if it contains at least 2 upper,lower,digits and special chars then I wouldn't need the 8 characters length. special characters include: `~!@#$%^&*()_-+=[]\|{};:'".,/<? thanks in advance.

    Read the article

  • How can I make an expect script prompt for a password?

    - by MiniQuark
    I have an expect script that connects to a few routers through ssh. All these routers have the same password (I know, it's wrong), and the script needs to know that password in order to be able to connect to the routers. Currently, the password is passed to my script as an argument on the command line, but this means that there's a trace of that password in my .bash_history file as well as in the running processes. So instead I would like the user to be prompted for a password, if possible silently. Do you know whether or not it's possible to prompt the user for a password with expect? Thank you. Edit: if I was connecting to servers instead of routers, I would probably use ssh keys instead of passwords. But the routers I'm using just support passwords.

    Read the article

  • C# - Password Database

    - by user335932
    So I want to make a program that allows you to store and search for user names/passwords for online sites there signed up to. I know C# has some database options but I don't know much about it. I also heard that it can read/write excel files. Whats do you think is best for storing the data? ALSO do databases need to be stored online on a sever, or can they reside in the program files?

    Read the article

  • Online file storage similar to Amazon S3

    - by Joel G
    I am looking to code a file storage application in perl similar to amazon s3. I already have a amazon s3 clone that I found online called parkplace but its in ruby and is old also isn't built for high loads. I am not really sure what modules and programs I should use so id like some help picking them out. My requirements are listed below (yes I know there are lots but I could start simple then add more once I get it going): Easy API implementation for client side apps. (maybe RESTful but extras like mkdir and cp (?) Centralized database server for the USERDB (maybe PostgreSQL (?). Logging of all connections, bandwidth used, well pretty much everything to a centralized server (maybe PostgreSQL again (?). Easy server side configuration (config file(s) stored on the servers). Web based control panel for admin(s) and user(s) to show logs. (could work just running queries from the databases) Fast High Uptime Low memory usage Some sort of load distribution/load balancer (maybe a dns based or pound or perlbal or something else (?). Maybe a cache of some sort (memcached or parlbal or something else (?). Thanks in advance

    Read the article

  • Don&rsquo;t Kill the Password

    - by Anthony Trudeau
    A week ago Mr. Honan from Wired.com penned an article on security he titled “Kill the Password: Why a String of Characters Can’t Protect Us Anymore.” He asserts that the password is not effective and a new solution is needed. Unfortunately, Mr. Honan was a victim of hacking. As a result he has a victim’s vendetta. His conclusion is ill conceived even though there are smatterings of truth and good advice. The password is a security barrier much like a lock on your door. In of itself it’s not guaranteeing protection. You can have a good password akin to a steel reinforced door with the best lock money can buy, or you can have a poor password like “password” which is like a sliding lock like on a bathroom stall. But, just like in the real world a lock isn’t always enough. You can have a lock, security system, video cameras, guard dogs, and even armed security guards; but none of that guarantees your protection. Even top secret government agencies can be breached by someone who is just that good (as dramatized in movies like Mission Impossible). And that’s the crux of it. There are real hackers out there that are that good. Killer coding ninja monkeys do exist! We still have locks on our doors, because they still serve their role. Passwords are no different. Security doesn’t end with the password. Most people would agree that stuffing your mattress with your life savings isn’t a good idea even if you have the best locks and security system. Most people agree its safest to have the money in a bank. Essentially this is compartmentalization. Compartmentalization extends to the online world as well. You’re at risk if your online banking accounts are linked to the same account as your social networks. This is especially true if you’re lackadaisical about linking those social networks to outside sources including apps. The object here is to minimize the damage that can be done. An attacker should not be able to get into your bank account, because they breached your Twitter account. It’s time to prioritize once you’ve compartmentalized. This simply means deciding how much security you want for the different compartments which I’ll call security zones. Social networking applications like Facebook provide a lot of security features. However, security features are almost always a compromise with privacy and convenience. It’s similar to an engineering adage, but in this case it’s security, convenience, and privacy – pick two. For example, you might use a safe instead of bank to store your money, because the convenience of having your money closer or the privacy of not having the bank records is more important than the added security. The following are lists of security do’s and don’ts (these aren’t meant to be exhaustive and each could be an article in of themselves): Security Do’s: Use strong passwords based on a phrase Use encryption whenever you can (e.g. HTTPS in Facebook) Use a firewall (and learn to use it properly) Configure security on your router (including port blocking) Keep your operating system patched Make routine backups of important files Realize that if you’re not paying for it, you’re the product Security Don’ts Link accounts if at all possible Reuse passwords across your security zones Use real answers for security questions (e.g. mother’s maiden name) Trust anything you download Ignore message boxes shown by your system or browser Forget to test your backups Share your primary email indiscriminately Only you can decide your comfort level between convenience, privacy, and security. Attackers are going to find exploits in software. Software is complex and depends on other software. The exploits are the responsibility of the software company. But your security is always your responsibility. Complete security is an illusion. But, there is plenty you can do to minimize the risk online just like you do in the physical world. Be safe and enjoy what the Internet has to offer. I expect passwords to be necessary just as long as locks.

    Read the article

  • Missing "log on to" field in Windows 2008 password change dialog

    - by Dmitri Chubarov
    I have to setup an embedded standalone CIFS server outside of domain environment. I shall refer to the server as storage_gateway. The default password setting for the Administrator account is Password must be changed. Until Administrator password is changed other local accounts are disabled. While the server is on default password connecting to a share causes fails with NT_STATUS_PASSWORD_MUST_CHANGE error. $ smbclient -L //storage_gateway -U Administrator session setup failed: NT_STATUS_PASSWORD_MUST_CHANGE I have a mixed Linux/Windows environment and prefer smbclient for diagnostics. To change the password in Windows 2003 Server I could press CTRL-ALT-DEL to get into the Windows Security window and change password for the remote server specifying the server name or ip address (xx.xx.xx.xx) in the system password change dialog. (the name root is just an example, I have edited the dialogs to translate them) However in Windows 2008 the corresponding dialog lacks the Log on to field. Is there a way to change a remote password in Windows 2008 Server/Windows 7?

    Read the article

  • In Windows 8, how do you disable the unlock password for Microsoft Accounts?

    - by Huckle
    In Windows 8, in the scenario where there is a single user that has a Microsoft Account (i.e., they have created their account via a Microsoft email address) how does one disable the password prompt when unlocking the screen? The Windows 7 analogy would be to disable the screensaver password prompt. I can do this on a "local" account (one not backed by Microsoft) but the setting seems to have no effect on connected accounts. To replicate: create an account using [email protected] or [email protected] Lock the screen with WinKey+L Attempt to unlock, by clicking the mouse, without entering a password.

    Read the article

  • Linksys router cannot change default password

    - by Jessica M.
    My wireless internet suddenly stopped working today. I have Windows 7 and Lindsys WRT54G router. I tried to log into the Linksys setup router page by typing in www.192.168.1.1 into firefox and it prompted me for a username and password as usual. The problem is when i tried to enter my regular username and password it did not work. I finally solved my problem when I came across this post here and the very last post solved my problem. It suggested I try username: root / password: admin. For some reason the username and password has been changed. When i tried username: root / password: admin , it worked and allowed me to get into the Linksys setup page. The problem is I can't change the username or password anymore. Every time I want to log into my Linksys setup page I have to enter username: root / password: admin. I can't change the "WPA shared key" (password). For the security settings I selected WPA2Personal + AES. Also the post said "If the firmware was upgraded to non-linksys firmware - the default will be different" . The problem is I didn't update anything and I'm worried that someone installed a virus or something or somehow changed the firmware on my router. How did I get non-Linksys firmware on my router? EDIT: I figured out how to change the password when I log into the Lynksys setup page. Administration -- Management -- password. I still don't understand if my router firmware was changed or who changed it or if it happened by mistake.

    Read the article

  • Expired password change through VPN failure

    - by Tim Alexander
    I am setting up some new accounts to be used by some contractors. they are going to connect via VPN to our network. My requirement is to set the password initially and then have them change it the first time they log in. As a result the "User must Change Password" box is checked. Loading up a laptop and testing has yielded poor results. When logging in I get a notification that the password has expired and a box to fill in, which I do. it then appears again so I dutifully fill in the password details again. I am then presented with a "Sending Password...." error box with Error:619 listed as the reason. Trying to reconnect then gives a 691 error that the password is bad. From the firewall, that is the actualy VPN server, I can see RAD_ACCESS_DENIED and from the DC running NPS (acting as a RADIUS server for the firewall with MS-CHAP-v2 enabled with the "User can change password after it has expired" checked) I cannot see a request to change the password. I can only see Event ID 4776, 4625 and 6273 (reason 16). I can log in with out the change password flag fine so I know logins are being authenticated. Really hoping someone might be able to assist in tracking down the lack of password change processin gon the DC.

    Read the article

  • User password rejected on login screen but accepted on text console login

    - by MadsirR
    I had to force shutdown my Ubuntu 12.04 64-bit, after which I restarted and tried to log in as a normal user, which was rejected several times. I then logged in as guest and tty to my regular account with use of my normal password, which succeeded. (So the password is still valid.) How can I gain access again via the normal login procedure (welcome screen)? Update: When I tried to log on with my new password, it again was denied. When I deliberately tried to log on with a faulty password, an error message came back, saying: Access denied - wrong password. I suppose, the first time the password was not rejected, but the procedure was aborted for some reason. Some additional info after trying to find a solution: I am conviced it is a Compiz-issue. Why? before this happened, all sessions came to a grinding halt, regardless of being logged on in a 2D or 3d environment. I found a link saying that I should remove Compiz and proceed in a 2D environment, which initiall worked without a glitch, until my system went into a state of total obivium. Only after that, the above mentioned troubles appeared. In the meantime I have happened to find a thread with reference 17381, describing exactly what I have experienced. For now, I will try to cure this situation (later this week) and revert with the results, hopefully to close this post. In the meantime I cordially thank you all, even if you didn't kill the problem; you gave me the inspiration to look further and find a possible cure. Update2: After 15 hrs of trial-and-error I callled it quits (When I decided to tackle this problem, I've given myself 12 hrs, to avoid massive loss of time.) I decided to re-install Precise, since the "point 1" version has become availabe. Log-in is back to normal, as is the graphic environment. Response to mouse input is stil appalling, especially when I have a series of screens open as "children"of a "parent" screen. It still completely locks up. I have installed Enlightenment, Gnome classic, Gnome 3, Cinnamon and they all behave in a similar fashion. FOR THOSE WHO NEED A WAY-OUT IN SITUATIONS OF THE LIKE: Open a terminal with [Ctrl+Alt+F2]. Type [sudo killall Firefox] (or whatever application you wish to terminate). Key in your password. Return to your graphical screen with [Ctrl+Alt+F7], and Bob's your uncle. Just re-open Firefox like nothing happened. Next time you are stuck: [Ctrl+Alt+F2], upward arrow till you meet the command of your desire, [Ctrl+Alt+F7], etcetera. Hope this is of help. My next move will be to upgrade the kernel to 3.4 from the repositories for 12.10. However, since this entails a totally new situation, I will start a new thread on this site to avoid topic pollution I will keep you posted. Still.

    Read the article

  • How to make xlock use the first key I hit as a part of my password

    - by alesplin
    I just switched from Arch Linux to Ubuntu 10.10. I'm running the Fluxbox window manager, and I use xlockmore to lock my screen with the following key shortcut: 192 :Exec xlock-mode marquee +usefirst -icongeometry 240x240 -message "back in a minute..." The problem I'm having is that xlock is definitely not using my first key as part of my password. Instead, it uses some randomized fade pattern to fade to the password screen. I find this highly annoying, as when I get back to my desk and start entering my password it doesn't register password characters until the fade pattern is complete. I've also tried the following modifications with no difference: 192 :Exec xlock -mode marquee -usefirst -icongeometry 240x240 -message "back in a minute..." 192 :Exec xlock -mode marquee -icongeometry 240x240 -message "back in a minute..." The first example worked flawlessly on Arch. Does Ubuntu have some sort of system default that you can't override on the command-line?

    Read the article

  • Force a Windows 7 user to change password when it has expired

    - by Joshua King
    Is it possible to force users (on Windows 7 PCs) to change their password once it has expired? Currently our users get notifications that their passwords will expire in 7, 3, 2 and 1 days but once the password has expired they are still able to log into their machines with the expired password. Most of our users ignore the warnings and don't change their password until we tell them they have to (when they ring Help Desk asking why their email and intranet isn't working). From memory, Windows XP machines would show a message at login that the password had expired and then offer the change password screen. Is it possible to do the same thing under Win7? Similar to how if you set a user's account to "must change password at next login" it gives the change password screen automatically.

    Read the article

  • Why is USB-sticks so much slower than Solid State Drives?

    - by Jonas
    From what I understand, USB flash memory and Solid State Drives are based on similar technologies, NAND flash memory. But USB-sticks is usually quite slow with a read and write speed of 5-10MB per second while Solid State Drives usually is very fast, usually 100-570MB per second. Why are Solid State Drives so much faster than USB-sticks? And why isn't USB-sticks faster than 5-10MB per second? Is it simply that SSD-drives uses parallel access to the NAND flash memory or are there other reasons?

    Read the article

  • How to have Windows 7 remember a password for a Domain

    - by Kelly Jones
    About eighteen months ago, I wrote a post covering how to clear saved passwords in Windows XP.  This week at work I was reminded how useful it is to not only deleted saved passwords, but to also setup wildcard credentials using this same interface. The scenario that I run into as consultant working at a client site, is that my laptop is not a member of the Windows Domain that my client uses to secure their network. So, when I need to access file shares, shared printers, or even the clients internal websites, I’m prompted for a name and password.  By creating a wildcard entry on my laptop (for the user account that the client issued to me), I avoid this prompt and can seamlessly access these resources.  (This also works when you’ve configured Outlook to access Exchange via RPC over HTTP.) How to create a credential wild card entry in Windows 7: Go to your Start Menu --> Type "user" into the Search box Click on the “Manage your credentials” in the column on the left Click on the “Add a Windows credential” link Enter the Domain (in my case my client’s domain), something like this: *.contoso.com Enter the username and password That’s it.  You should now be able to access resources in that Domain without being prompted for your name and password.  Please note: if you are required to change your password periodically for that domain, you’ll need to update your saved password as well.

    Read the article

  • ORA-28001 the password has expired error in Solaris Cluster

    - by Onur Bingul
    Solaris Cluster start or stop Oracle database using credentials of a specified user in Oracle Database. If you have issues with starting of Oracle Database resource and see ORA-28001 error message in /var/adm/messages it means that database user's who is used by Solaris Cluster to start Oracle database, password has expired. To resolve the issue reset the password of the Oracle database user SQL> alter user user_name identified by password  and change connection string in Solaris Cluster using following command -bash-3.2 # /usr/cluster/bin/clresource set -p Connect_string="user/password" oracle_resource

    Read the article

  • Sharing password-protected videos on social media

    - by PaulJ
    We are developing a site where users will be able to watch and download videos that they've recorded of themselves in a public event. The videos will be password protected, and will be available only to users who have paid for them at the event... ...But on the other hand, we also want users to share those videos on social media, since they will be an attractive publicity for our events. Having people log into our site with their password, download the video and then re-upload it to Youtube/Facebook will be too cumbersome, and I suspect that few users will be willing to do that. So the obvious alternative is to have one of those convenient "share" buttons, but the problem with that approach will be that: The video will be physically hosted (and linked to) in our site. What happens if those videos go viral and our bandwidth cost explodes? The video is password protected. The solution I've thought of for this is: Upload the user's video to our (password-protected site) and to Youtube at the same time, as an unlisted video. The user can access our site with his password and download his video (to watch on his TV or whatever). If the users hits the "share" button, we show him the Youtube link... and we turn the video into a listed one. This seems in line with the ideas in Using YouTube as a CDN, and there didn't seem to be any objections in that question. I'm posting this just to confirm that my idea doesn't violate any Youtube TOS, and also to see if it is a good one or there might be better alternatives.

    Read the article

  • Change OpenSSH account password in Linux

    - by TK Kocheran
    I suppose that my main Linux user account password serves as my SSH password as well. Is there a way I can modify this? As it turns out, I'd like to have a REALLY secure SSH password for obvious reasons, but a less secure local password, as it makes typing in passwords a heck of a lot easier on a machine. Is there a way I can change my account password in SSH without changing my Linux user password?

    Read the article

  • Wordpress - Automatic email to admin on password change

    - by espais
    Noticed something interesting in WordPress...hopefully its just me not seeing the right option. Whenever a user requests a new password, it will notify the site admin that the password was changed. What I'd like to do is disable this feature, as for this specific site I really don't care if users are changing their password. Is this a setting somewhere that I'm missing, or does it require a plugin to disable this functionality?

    Read the article

  • Problem with Using chntpw in Ubuntu to reset Windows 7 Password

    - by sandesh yadav
    I tried resetting the password of windows 7 Using 'chntpw' command in Ubuntu . It showed success . But when I try to login from Windows it does not seem to be changed. I first used live USB of ubuntu 11.10 and did ''Try Ubuntu''. Then I did sudo apt-get install chntpw and then cd /media/Vista/Windows/System32/config sudo chntpw -u username sam . I did according to this link . http://www.psychocats.net/ubuntucat/resetwindowspasswordold/ and got success like this. Hives that have changed: Name 0 Write hive files? (y/n) [n] : y 0 – OK . But when I try to login to windows with blank password , I could not login. I also tried changing the password and showed success but I could not login with that password . Thank you . Any help is very much appreciated.

    Read the article

  • How can I stop ntbackup requiring my new password every time I'm forced to change my Windows passwor

    - by Lunatik
    I have a scheduled job that runs each night using ntbackup which copies a folder on my HDD to a network share. The problem is that every time I'm required to change my Windows password I have to remember to change it in ntbackup aswell, otherwise the backup fails silently i.e. I get no warning that the backup isn't being done. Is there a way to schedule this job so it will automatically pick up my new Windows password, or somehow not be tied to my main login? My user account type is Debugger, not full Administrator, so I'm not sure if that would restrict me in any way, e.g. still forcing a four-weekly password change on a dedicated user account for this. The PC runs XP SP2 on a Windows Server 2003 R2 domain.

    Read the article

  • How do I recover my router password without resetting it?

    - by Pacerier
    I want to know the password of my router. The default username and pass isn't working. I've read this thread i forgot my wireless router password. what do i do . . however it tells me to reset the router (I do not wish to reset the router to factory settings) This is my router: Linksys Wireless-N Home Router WRT120N I'm thinking there's some way we could get the password (or bypass the need to) that we need to enter 192.168.1.1?

    Read the article

  • disable password prompt on user switch?

    - by matthewn
    I've got 11.10 on a desktop machine with two users. Both users have "Password" set to "Not asked on login" in Users Settings. At startup, either user can log in without a password. But once both users are logged in, it takes a password to switch between users. In previous Ubuntus, you could override this by setting /desktop/gnome/lockdown/disable_lock_screen to True in gconf-editor. That is ignored in the Gnome 3 / Unity era. Does anyone know a way to disable the password prompt when switching between users in Oneiric?

    Read the article

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >