Search Results

Search found 40429 results on 1618 pages for 'change password'.

Page 35/1618 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • Dollar ($) sign in password string treated as variable

    - by ncatnow
    Spent some time troubleshooting a problem whereby a PHP/MySQL web application was having problems connecting to the database. The database could be accessed from the shell and phpMyAdmin with the exact same credentials and it didn't make sense. Turns out the password had a $ sign in it: $_DB["password"] = "mypas$word"; The password being sent was "mypas" which is obviously wrong. What's the best way to handle this problem? I escaped the $ with a \ $_DB["password"] = "mypas\$word"; and it worked. I generally use $string = 'test' for strings which is probably how I avoided running into this before. Is this correct behavious? What if this password was stored in a database and PHP pulled it out - would this same problem occur? What am I missing here...

    Read the article

  • How can I check the mysql connection for a user/password using batch/shell script

    - by machaa
    Hi, How can I check the mysql connection for a user/password using batch/shell script? I've user name and password, and I need to authenticate whether they are correct or not, but how? I tried this way: I've created a batch file "run.bat" with "mysql -u User--password=UserPassword < commands.sql" "commands.sql" file contains "\q" When I run the file "run.bat" the output is nothing when User/Password are correct and "ERROR 1045 (28000): Access denied for user ... " when User/Password are incorrect. Now can we capture this output, and decide whether the connection is successful or not, if yes how? Regards

    Read the article

  • [Sql-Server]what data type to use for password salt and hash values and what length?

    - by Pandiya Chendur
    I am generating salt and hash values from my passwords by using, string salt = CreateSalt(TxtPassword.Text.Length); string hash = CreatePasswordHash(TxtPassword.Text, salt); private static string CreateSalt(int size) { //Generate a cryptographic random number. RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] buff = new byte[size]; rng.GetBytes(buff); // Return a Base64 string representation of the random number. return Convert.ToBase64String(buff); } private static string CreatePasswordHash(string pwd, string salt) { string saltAndPwd = String.Concat(pwd, salt); string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile( saltAndPwd, "sha1"); return hashedPwd; } What datatype you would suggest for storing these values in sql server? Any suggestion... Salt:9GsPWpFD Hash:E778AF0DC5F2953A00B35B35D80F6262CDBB8567

    Read the article

  • Password checking in dojo

    - by Richard
    I want to check that two passwords are the same using Dojo. Here is the HTML I have: <form id="form" action="." dojoType="dijit.form.Form" / <pPassword: <input type="password" name="password1" id="password1" dojoType="dijit.form.ValidationTextBox" required="true" invalidMessage="Please type a password" /</p <pConfirm: <input type="password" name="password2" id="password2" dojoType="dijit.form.ValidationTextBox" required="true" invalidMessage="This password doesn't match your first password" /</p <div dojoType="dijit.form.Button" onClick="onSave"Save</div </form Here is the JavaScript I have so far: var onSave = function() { if(dijit.byId('form').validate()) { alert('Good form'); } else { alert('Bad form'); } } Thanks for your help. I could do this in pure JavaScript, but I'm trying to find the Dojo way of doing it.

    Read the article

  • Apache basic auth, mod_authn_dbd and password salt

    - by Cristian Vrabie
    Using Apache mod_auth_basic and mod_authn_dbd you can authenticate a user by looking up that user's password in the database. I see that working if the password is held in clear, but what if we use a random string as a salt (also stored in the database) then store the hash of the concatenation? mod_authn_dbd requires you to specify a query to select that password not to decide if the user is authenticated of not. So you cannot use that query to concatenate the user provided password with the salt then compare with the stored hash. AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s" Is there a way to make this work?

    Read the article

  • Using JavaScript to change the URL used when a page is bookmarked...

    - by user30997
    JavaScript doesn't allow you to update window.location without triggering a reload. While I agree with this policy in principle (it shouldn't be possible to visit my website and have JavaScript change the location bar to read www.yourbankingsite.com,) I believe that it should be possible to change www.foo.org/index to www.foo.org/help. The only reason I care about this is for bookmarking. I'm working on a photo browser, and when a user is previewing a particular image, I want that image to be the default if they should bookmark that page. For example, if they are viewing foo.org/preview/images0-30 and they click on image #15, that image is expanded to a medium-sized view. If they then bookmark the page, I want the bookmark URL to be foo.org/preview/images0-30/active15. Any thoughts, or is there a security barrier on this one as well? I can certainly understand the same policy being applied here, but one can dream.

    Read the article

  • Android: i need password example

    - by user1475122
    I have long been looking for a functioning example of a password, but I have not found. can someone help me? Explained more clearly: I have a TextField named password and I want that when it is written in 123 and press the button it goes to another activity if it is written in 123 if not it would inform the "wrong password!" and that the password is found file, which is / sdcard / Android / password.txt if you understood :) SORRY FOR MY BAD ENGLISH! I'm Finnish, and a young coder :) ( I hope someone may be understood :D )

    Read the article

  • Password remember does not work as needed

    - by sweetsecret
    On the website I am working on it has been deployed but the problem I am facing is that when I enter a username and password and click on the check box to remember...It remembers the password for sometime.. wen I login in after 5 or 10 minutes it remembers the password but aftr a long period of time like about 2hours it forgets the username and password and i have to type it in all over again... this dint used to happen with the old server as even I could sign in and it remembered the password the next day until i log off... what can be the reason The session state im using is:

    Read the article

  • Password remember does not work properly

    - by sweetsecret
    On the website I am working on it has been deployed but the problem I am facing is that when I enter a username and password and click on the check box to remember...It remembers the password for sometime.. wen I login in after 5 or 10 minutes it remembers the password but aftr a long period of time like about 2hours it forgets the username and password and i have to type it in all over again... this dint used to happen with the old server as even I could sign in and it remembered the password the next day until i log off... what can be the reason The session state im using is:

    Read the article

  • iPhone doesn't save password for Cisco IPsec VPN using racoon daemon

    - by dsx
    On my Debian server I had set up racoon daemon (1:0.8.0-14) for Cisco IPSec VPN using certificates for authentication. My racoon.conf is like following: log info; path certificate "/etc/racoon/certs"; listen { isakmp $SERVER_IP_HERE [500]; isakmp_natt $SERVER_IP_HERE [4500]; } timer { natt_keepalive 10 sec; } remote anonymous { lifetime time 24 hours; proposal_check obey; passive on; exchange_mode aggressive,main; my_identifier asn1dn; peers_identifier asn1dn; verify_identifier on; certificate_type x509 "cert_name.crt" "key_name.key"; ca_type x509 "ca.crt"; mode_cfg on; verify_cert on; ike_frag on; generate_policy on; nat_traversal on; dpd_delay 20; proposal { encryption_algorithm aes; hash_algorithm sha1; authentication_method xauth_rsa_server; dh_group modp1024; } } mode_cfg { conf_source local; auth_source system; auth_throttle 3; save_passwd on; dns4 8.8.8.8; network4 $SOME_LAN_SUBNET; netmask4 255.255.255.0; pool_size 128; } sainfo anonymous { pfs_group 2; lifetime time 24 hour; encryption_algorithm aes; authentication_algorithm hmac_sha1; compression_algorithm deflate; } I'm not using PSK authentication here. Using iPhone configuration utility I had uploaded all required certificates to iPhone and set up VPN on demand. Everything works just fine except one thing: iPhone refuses to save VPN password regardless of save_passwd on; in racoon configuration file. As opposed to iPhone behaviour, Mac OS X 10.8.2 have no problems saving password. I had examined iPhone log file and found following: racoon[151] <Notice>: >>>>> phase change status = phase 1 established configd[50] <Notice>: IPSec Network Configuration started. configd[50] <Notice>: IPSec Network Configuration: INTERNAL-IP4-ADDRESS = $SUBNET_IP_HERE. configd[50] <Notice>: IPSec Network Configuration: INTERNAL-IP4-MASK = 255.255.255.0. configd[50] <Notice>: IPSec Network Configuration: SAVE-PASSWORD = 0. configd[50] <Notice>: IPSec Network Configuration: INTERNAL-IP4-DNS = 8.8.8.8. configd[50] <Notice>: IPSec Network Configuration: BANNER = . configd[50] <Notice>: IPSec Network Configuration: DEF-DOMAIN = . configd[50] <Notice>: IPSec Network Configuration: DEFAULT-ROUTE = local-address $SUBNET_IP_HERE/32. configd[50] <Notice>: IPSec Phase2 starting. configd[50] <Notice>: IPSec Network Configuration established. configd[50] <Notice>: IPSec Phase1 established. Please note IPSec Network Configuration message containing SAVE-PASSWORD = 0.. Is it a bug in racoon daemon on server, or iPhone (iOS version is 6.0.1 (10A523)) or it is me missing something? How to make iPhone remember IPSec VPN password?

    Read the article

  • Sync KeePassX with KeePass2

    - by bioShark
    Simply put: In Ubuntu I am using KeePassX and in Windows KeePass2. In am not able to export/import passwords from one to another. I would prefer to use the same database, but I don't really know how. If there is no possibility to sync the 2, can you recommend another password vault, which is able to sync passwords from 2 OS, using a shared DB. Thanks I am using Ubuntu 12.04 and Win 7. Edit: I have noticed that KeePass2 is available in the Software Center, so I have installed it, and I can successfully open my Win7 database. Now I will migrate my KeePassX passwords. I am seeing now a huge difference in the looks. While KeePassX doesn't exactly have Ubuntu like look&feel, it's 100 times more elegant than the interface KeePass2 comes with. Well, maybe that was my initial decision for installing KeePassX on my Ubuntu machine. I can't remember. @fossfreedom, please add your comment as a response, so that I can accept it. Thank for the suggestion

    Read the article

  • Secure Password Storage and Transfer

    - by Andras Zoltan
    I'm developing a new user store for my organisation and am now tackling password storage. The concepts of salting, HMAC etc are all fine with me - and want to store the users' passwords either salted and hashed, HMAC hashed, or HMAC salted and hashed - not sure what the best way will be - but in theory it won't matter as it will be able to change over time if required. I want to have an XML & JSON service that can act as a Security Token Service for client-side apps. I've already developed one for another system, which requires that the client double-encrypts a clear-text password using SHA1 first and then HMACSHA1 using a 128 unique key (or nonce) supplied by the server for that session only. I'd like to repeat this technique for the new system - upgrading the algo to SHA256 (chosen since implementations are readily available for all aforementioned platforms - and it's much stronger than SHA1) - but there is a problem. If I'm storing the password as a salted hash in the user-store, the client will need to be sent that salt in order to construct the correct hash before being HMACd with the unique session key. This would completely go against the point of using a salt in the first place. Equally, if I don't use salt for password storage, but instead use HMAC, it's still the same problem. At the moment, the only solution I can see is to use naked SHA256 hashing for the password in the user store, so that I can then use this as a starting point on both the server and the client for a more secure salted/hmacd password transfer for the web service. This still leaves the user store vulnerable to a dictionary attack were it ever to be accessed; and however unlikely that might be - assuming it will never happen simply doesn't sit well with me. Greatly appreciate any input.

    Read the article

  • Password Confirmation Overlay

    - by Alasdair
    Hello, I'm creating a J2EE web application that uses jQuery and Ajax to help with some of the presentation for a user-friendly interface. I've done a lot of work ensuring security around persistant login cookies, and I've decided to request the password from any user that logged in using a persistant login cookie before being allowed to make any changes that could be malicious. This request would only happen once to confirm the user is who they say they are and will last throughout the session. At present, any requests that meet this criteria has their request information stored in session and then the user is forwarded to a page to confirm their password. Once confirmed, the user's original request is then performed and the requestion information removed from session. What I would like to do is avoid all this redirection and minimize what's held in session (even if it's just for a small time), thus improving usability and convenience for the user. I believe that a jQuery overlay could allow me to prompt the user for their password (if required) and then continue to submit the request if successful. I would of originally used ThickBox, but since that's now deprecated I don't see the benefit in implementing it in an application at this development stage. However, I have tried to create an overlay using jQuery but I've scrapped every attempt as I can't seem to make it all come together. My main problem is preventing the submission when the user incorrectly types a password or cancels the overlay. Desired Flow Persistant Login Sensitive Page Submit Password Confirmation Overlay [Continue Submit | (Cancel | Incorrect] I have already created JavaScript code to encrypt the password to be sent in a parameter, but all I need now is a method of controlling the overlay and how best to use Ajax for this purpose. Please ignore the fact that this is a J2EE web application when answering as it is irrelevant really. Thanks in advance, Alasdair

    Read the article

  • Devise password reset issue (new_user?)

    - by rabid_zombie
    When a user's email is inputted into the forgot password form and submitted, I am receiving an error saying login can't be blank. I looked around devise.en.yml for this error message, but can't seem to find it anywhere. Here is my views/devise/passwords/new.html.haml: %div.registration_page %h2 Forgot your password? = form_for(resource, :as => resource_name, :url => user_password_path, :html => { :method => :post, :id => 'forgot_pw_form', :class => 'forgot_pw' }) do |f| %div = f.email_field :email, :placeholder => 'Email', :autofocus => true, :autocomplete => 'off' %div.email_error.error %input.btn.btn-success{:type => 'submit', :value => 'Send Instructions'} = render "devise/shared/links" The form is posting to users/password like it should, but I noticed that my forgot password form attaches class = 'new_user'. Here is what my form displays: <form accept-charset='UTF-8' action='/users/password' class='new_user' id='forgot_pw_form' method='post' novalidate='novalidate'></form> My routes for devise (I have custom sessions and registrations controllers): devise_for :users, :controllers => {:sessions => 'sessions', :registrations => 'registrations'} How can I setup devise's forgot password functionality? Why am I receiving this error message and why is that class being added there? I've tried: Adding my own passwords controller and adding new routes for my custom controller. Same error Adding my own class and id to the form. This successfully changes the id and class of the form, but reverts back to class and id of new_user Thanks.

    Read the article

  • How good is Word's password protection?

    - by Yuval
    Hi, I have a password protected MS-Word 2007 file that needs to stay private. How good is Word's protection? If it's not very good, can you suggest a better method for keeping the file protected? EDIT: my goal is to send the protected file to a recipient (who knows the password). I assume this recipient knows nothing about encryption/decryption, but if I absolutely have to, I'll encrypt the file and painstakingly teach the recipient how to decrypt it.

    Read the article

  • Probelm After Changing password in ubuntu

    - by Narendra
    Hi All, I am using ubuntu system which uses openldap for user login authentication. For changing my login password i used "$sudo passwd" and changed it. (of course the password given is same as old one). Then onwards when i trying to run "apt" command it showing command not found. and for some other programs it showing segmentation fault. Can any one tell me why I am facing issue and how to solve this.

    Read the article

  • ActiveSync / Exchange 2007 password expiration buffer on device

    - by Matt Hamende
    I'm trying to determine if there is any buffer of time from the time a password expires in AD to the time that users would stop receiving email on their mobile devices our setup is Exchange 2007 ActiveSync DC's are Server 2008 R2 primarily Android shop, with maybe a few iOS devices I've heard some rumors of people still receiving email after their password expired / changed on the domain, just want to see if anyone else has ever heard of this. Did a bit more reading, read about Token Cache in IIS 7.0 and 15min lagtime, still would like to hear any thoughts about this.

    Read the article

  • How to get rid of superuser`s password?

    - by eleonora
    My father put a new superuser password on my laptop, and now i cant access my computer without him putting the password in. I am really helpless. How can i get rid of his superuser control? Can i delete or change the superuser thing? Please help!!!!

    Read the article

  • Configuring sudo to work without password

    - by aidan
    I'm trying to configure sudo to allow all users to restart apache without having to enter a password. Security concerns aside, why isn't this working? I added the line to /etc/sudoers: %admin ALL=NOPASSWD: /usr/sbin/apache2ctl $sudo -l User aidan may run the following commands on this host: (root) NOPASSWD: /usr/sbin/apache2ctl (ALL) ALL $sudo /usr/sbin/apache2ctl [sudo] password for aidan: Thanks for any help.

    Read the article

  • How to save map drive password

    - by Ravisha
    I have a map drive created from ToolsMap network drive. Where in the drive is mapped to a different machine's shared folder.So each time i switch off the machine ,it asks for password when i open the drive.Is there a way to save this password?

    Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >