Search Results

Search found 11663 results on 467 pages for 'forgot password'.

Page 38/467 | < Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >

  • Active Directory Incorrect password attempts double counting

    - by Hidayath
    Hi I am using the following C# code to connect to active directory and validate the login, DirectoryEntry de = new DirectoryEntry(); string username = "myuser", path = "LDAP://addev2.dev.mycompany.com/CN=myuser,DC=dev,DC=mycompany,DC=com", password = "test"; for (int i = 0; i < 4;i++ ) { try { de.AuthenticationType = AuthenticationTypes.Sealing | AuthenticationTypes.Secure | AuthenticationTypes.FastBind; de.Username = username; de.Password = password; de.Path = path; //de.RefreshCache(); Object obj = de.NativeObject; } catch (Exception ex) { Console.WriteLine(ex.Message); } this works fine when the password is correct. However when the password is incorrect this shows as 2 invalid attempts in AD. So what happens is when the AD admin allows 5 invalid attempts the user is locked out on the 3rd attempt. when i look in the AD's event log 1 see 2 entries. 1)Pre-authentication failed: 2)Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: [email protected] Source Workstation: WKSXXXX Error Code: 0xC000006A Stepping thro the code i see 2 event entries on the line de.RefreshCache() I tried using de.NativeObject to see if that would solve the problem. No Dice Anyone have any pointers?

    Read the article

  • Access denied for user 'root@localhost' (using password:NO)

    - by murgatroid99
    I am attempting to install a network management package called cacti onto Ubuntu running under Windows Virtual PC. I attempted to install MySQL as it is one of cacti's dependencies. I can install and start the MySQL server, but whenever I try to access it in any other way, such as to change the password, I get the error message Access denied for user 'root@localhost' (using password:NO). I would like to know what is causing this and how to fix it. Edit: (just in case my comments are not visible) The answers from HD and Devin Ceartas did not work for me.

    Read the article

  • how to remove mysql root password

    - by nectar
    I want to remove password for user root in localhost how can I do that?by mistake I have set the password of root user thats why phpmyadmin is giving error- #1045 - Access denied for user 'root'@'localhost' (using password: NO)

    Read the article

  • The best way to store username and password without a database

    - by Mokuchan
    Hello everyone, I want to build a simple single user login "library" in PHP, but I'm facing the following dilemma: how should I store username and password if I'm not using a database? A simple plain text file could be easily read and then the password could be easily decripted so that's not an option. If I create a php file with just <?php $Username= "username"; $Password= "password"; ?> then no one should be able to read it and I could simply include this file where I need it, but I'm not really sure you can't find a better way to do this! So what's, in your opinion, the best solution to this problem (and why)? Thanks

    Read the article

  • magento .htaccess password protect inner pages (not homepage)

    - by Angel Wong
    I would like to use .htaccess to password protect all inner pages of Magento, except the home page. e.g. http://www.example.com/abc (password protect) http://www.example.com (home page, no need to password protect) I tried to use the setifenv request_uri = "/" => allow, but didn't work. It still password protect all pages including the homepage. I also tried a few ways inside the Magento admin URL rewrite, but those won't work either. Any expert can help? thx E

    Read the article

  • Authenticate with Django 1.5

    - by gorjuce
    I'm currently testing django 1.5 and a custom User model, but I've some problems. I've created a User class in my account app, which looks like: class User(AbstractBaseUser): email = models.EmailField() activation_key = models.CharField(max_length=255) is_active = models.BooleanField(default=False) is_admin = models.BooleanField(default=False) USERNAME_FIELD = 'email' I can correctly register a user, who is stored in my account_user table. Now, how can I log in? I've tried with: def login(request): form = AuthenticationForm() if request.method == 'POST': form = AuthenticationForm(request.POST) email = request.POST['username'] password = request.POST['password'] user = authenticate(username=email, password=password) if user is not None: if user.is_active: login(user) else: message = 'disabled account, check validation email' return render( request, 'account-login-failed.html', {'message': message} ) return render(request, 'account-login.html', {'form': form}) I can correctly register a new User My forms.py which contains my register form class RegisterForm(forms.ModelForm): """ a form to create user""" password = forms.CharField( label="Password", widget=forms.PasswordInput() ) password_confirm = forms.CharField( label="Password Repeat", widget=forms.PasswordInput() ) class Meta: model = User exclude = ('last_login', 'activation_key') def clean_password_confirm(self): password = self.cleaned_data.get("password") password_confirm = self.cleaned_data.get("password_confirm") if password and password_confirm and password != password_confirm: raise forms.ValidationError("Password don't math") return password_confirm def clean_email(self): if User.objects.filter(email__iexact=self.cleaned_data.get("email")): raise forms.ValidationError("email already exists") return self.cleaned_data['email'] def save(self): user = super(RegisterForm, self).save(commit=False) user.password = self.cleaned_data['password'] user.activation_key = generate_sha1(user.email) user.save() return user My question is: Why does authenticate give me None? I know I'm trying to authenticate() with an email as username but is that not one of the reasons to use a custom User model?

    Read the article

  • How do I resolve "conflicting accounts" in google apps without breaking links to online photos on picasa?

    - by lee
    I have been using google apps for some time, and only recently learned I have what google calls "conflicting accounts" which is creating a problem I haven't been able to resolve. Turns out that the apps account really only covers email, google docs, and the calendar and not other features like picasa, blogger, youtube etc. and at some point they gave me a non-apps google account with my same (proprietary non-gmail) email address for the additional apps. This is the "conflicting account." I had noticed that I sometimes had to come in through another door when I went back and forth, between docs, picasa, and mail let's say, but never understood why since it was the same username and password and I didn't get any communication about it at the time. Google is now in the process of giving google apps users access to the additional apps and providing instructions for consolidating the two accounts. But if I want to move my picasa site into the new apps structure I have to download my albums and re-synch them. This would be disastrous for me as I have hundreds of photos embedded in my websites, and new web addresses would break all the connections. The alternative seems to be to rename my "personal" (non-apps) accounts as described at http://www.google.com/support/a/bin/answer.py?answer=185186: Users with conflicting Google Accounts can easily resolve their conflicts by renaming their personal Google Accounts, and the data in their personal accounts will remain safe and accessible to them. Here’s how a user can rename their personal Google Account: * Step 1: Visit www.google.com/accounts and sign in with your personal Google Account * Step 2: Click ‘Change email’ under ‘Personal Settings’ * Step 3: Enter a different email address where you can receive mail, enter your password, and click ‘Save email address’ * Step 4: Check your other email If your users don’t have different email addresses where they can receive mail, they can resolve the conflict by renaming their personal Google Accounts to @gmail.com addresses instead. Sounds easy enough, right? I gave them a gmail address. The wizard said "sorry you can't use a gmail account for this" --which contradicts the last paragraph above but ok, I switched to a new email address I just created for one of my domains. I can send email back and forth between this account and my google apps account with no problem. But when I try to use it as a replacement on the "personal" side I always get "The password you gave is incorrect." I have tried it over and over and know the password is correct. Since I like to get all my emails though one web interface I initially had the new email set up as an add-on to my google apps email account, but noting that the instructions said the "personal account" email could not be associated with any other gmail account I took it off and went back to accessing it via horde so there would be no conflict there, which seemed to make no difference. I can't figure out why it won't accept the password. Does anyone have any thoughts about that? or suggestions for another way to resolve my picasa problem? any help at all is greatly appreciated. Lee

    Read the article

  • Unrated Easy iOS 6.1.4/6.1.3 Unlock/Jailbreak iPhone 5/4S/4/3GS Untehtered System

    - by user171772
    Popular jailbreak tool Unlock-Jailbreak.net – compiled by the iPhone Team – has just been updated with full support for Unlock/Jailbreak iPhone 5/4S/4/3GS iOS 6.1.4 and 6.1.3/6.0.1 Untethered. You may have caught our tutorial, which detailed how one could jailbreak their device tethered using Redsn0w, although since it was a pre-iOS 6.1.1 release, users needed to "point" the tool to the older firmware. Team Unlock-Jailbreak was established few years ago, combines some of the jailbreak and unlock community’s most talented developers all known for producing reliable jailbreaks in the past. This team was assembled in order to develop a reliable untethered jailbreak and unlock iphone 5,4S,4 iOS 6.1 for post-A5 devices, including the iPhone 5, the iPad mini and the latest-generation iPad. This has now been achieved with the just-released userland jailbreak tool, known as Unlock-Jailbreak.net. To Jailbreak and Unlock your iPhone 5/4/4S/3GS iOS 6.1.4 and 6.1.3 visit the official website http://www.Unlock-Jailbreak.net http://www.Unlock-Jailbreak.net was formed in mid 2008 and have successfully jailbroken over 250,000 iPhones worldwide. This is unparalleled by any other service in the industry. They have achieved this by combining a very simple solution with a fantastic customer service department that is available 24/7 through many forms of contact, including telephone. Unlock-Jailbreak from Unlock-Jailbreak.nethas been downloaded by over 250,000 customers located in over 145 countries. To further ensure customers of its products usability, Unlock-Jailbreak offers a 100% full money back guarantee on all orders. Customers dissatisfied with the company’s product will be given a full refund, no questions asked. One good advantage of the software is that the jailbreaking and unlocking process is coampletely reversible and there will be no evidence that the iPhone has been jailbroken and unlocked . iOS 6.1/6.1.4 and 6.1.3 comes with many new features and updates for multitasking and storage. By unlocking and jailbreaking the iPhone,Unlock/Jailbreak iPhone 5/4S/4/3GS iOS 6.1/6.1.4 and 6.1.3/6.0.1 Untethered unleash unlimited possibilities to improve this already fantastic experience and the iPhone FULL potential. Before going through any jailbreak process with Unlock-Jailbreak it is always good housekeeping to perform a full backup of all information on the device. It is unlikely that anything will go wrong during the process but when undertaking any process that modifies the internals of a file system it is always prudent to err on the side of caution.

    Read the article

  • Why can't non-admin users install software?

    - by fiftyeight
    This is probably something I don't understand since I am used to Windows and am only starting out with Ubuntu. I know that software in linux comes in packages what I don't understand is why can't non-admin users install software. I mean, every application is run by a specific user, and that user will only be able to run that applciation with his privilages, so if he has no admin privileges, the application also won't be able to access unauthorized directories etc. I want most of the time to work on my PC with a non-admin user since it seems more safe to me, most of the time I have no need for admin privileges. and even though I know viruses in linux are uncommon I still think the best practice is to work on the computer in a state that you yourself can't make any changes to important files, that way viruses also can't harm any important files, but I need to install software for programming and web-design etc. and first of all I don't want to switch users all the time. But also it sounds safer to me that everything being done on the PC will be done through the non-admin user. I'll be glad to know what misunderstanding I have here, cause something here doesn't sound right.

    Read the article

  • Managing client passwords [closed]

    - by C.Johns
    I am just starting up a small website development business and one of the issues I am having is remembering passwords and account information for clients hosting, cpanel, ftp accounts etc. I was wondering what is the most suitable system / industry standard for controlling such information? Pretty marginal on the close there... I read the FAQ and I felt list this could be a common issue for webmasters, its defiantly not a coding questions so stackoverflow is out of the question and its not a broad question its focused on one particular aspect of being a webmaster.

    Read the article

  • Does facebook store multiple password hashes for each user?

    - by loxxy
    I noticed that Facebook allows multiple variants of my own password : My password as it is. My password with first letter capitalized. My password with all letters capitalized. It is commonly known that passwords are stored as hashes. So my question is, does facebook store multiple hashes for each user? Since the hash of each variant should be completely different... Or am I missing something, here? And there may be more combinations, besides the one I observed as well. This is obviously done to provide a better user experience & they probably have a statistical explanation of people repeating these mistakes. But I could not help but wonder, is it worth to increase so many lookups (in their database) just to help the user type a wrong password? On top of this, they warn about the caps lock (even though they don't seem to care) :

    Read the article

  • Samba doesnt require password on xbmc but does on ubuntu

    - by Chris
    I have samba setup on a fedora 13 machine, and I use it to share with my xbmc client in the family room. When I set this up there no password or anything was required I merely entered in paths such as: smb://<host>/<share> and all worked. Now on my ubuntu 10.04 machine when I try to access the same hosts, for example through smbmount though I receive an error. smbmount //media/Music ~/Music/ # media is in my /etc/hosts and resolves to # correct IP address for the machine I receive error: operation not permitted after pressing enter when it prompts for password. Here is my entry from /etc/samba/smb.conf: [global] workgroup = WORKGROUP server string = Samba Server Version %v # log files split per-machine: log file = /var/log/samba/log.%m # maximum size of 50KB per log file, then rotate: max log size = 50 security = user passdb backend = tdbsam ; security = domain ; passdb backend = tdbsam ; realm = MY_REALM ; password server = <NT-Server-Name> ; security = user ; passdb backend = tdbsam ; domain master = yes ; domain logons = yes ; logon script = %m.bat ; logon script = %u.bat ; logon path = \\%L\Profiles\%u ; logon path = ; add user script = /usr/sbin/useradd "%u" -n -g users ; add group script = /usr/sbin/groupadd "%g" ; add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u" ; delete user script = /usr/sbin/userdel "%u" ; delete user from group script = /usr/sbin/userdel "%u" "%g" ; delete group script = /usr/sbin/groupdel "%g" ; local master = no ; os level = 33 ; preferred master = yes ; wins support = yes ; wins server = w.x.y.z ; wins proxy = yes ; dns proxy = yes load printers = yes cups options = raw ; printcap name = /etc/printcap # obtain a list of printers automatically on UNIX System V systems: ; printcap name = lpstat ; printing = cups ; map archive = no ; map hidden = no ; map read only = no ; map system = no ; store dos attributes = yes #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes ; valid users = %S ; valid users = MYDOMAIN\%S # Un-comment the following and create the netlogon directory for Domain Logons: ; [netlogon] ; comment = Network Logon Service ; path = /var/lib/samba/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share. # The default is to use the user's home directory: ; [Profiles] ; path = /var/lib/samba/profiles ; browseable = no ; guest ok = yes # A publicly accessible directory that is read only, except for users in the # "staff" group (which have write permissions): ; [public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = +staff [tv] comment = TV path = /media/Isos/tv public = yes writable = yes printable = no write list = +media [music] comment = Music path = /media/Storage/music/ public = yes writable = yes printable = no write list = +media [pictures] comment = Pictures path = /media/Storage/pictures public = yes writable = yes printable = no write list = +media

    Read the article

  • ssh: "Agent admitted failure to sign using the key"

    - by takeshin
    I'm trying to set up password-less login with ssh on Ubuntu Server, but I keep getting: Agent admitted failure to sign using the key and prompt for password. I have generated new rsa keys. Before the system reboot it worked just fine. All the links lead me to this bug, but nothing works. SSH Agent is still not running. How to fix that? Maybe the files need specific permissions?

    Read the article

  • KeePass justification

    - by Jeff Walker
    I work at a place that tries to take security seriously, but sadly, they often fail. Currently, one of the major ways they fail is password management. I personally have about 20 accounts (my personal user id on lots of machines). For shared "system" accounts, there are about 45 per environment; development, test, and production. I have access to 2 of those, so my personal total is somewhere around 115 accounts. Passwords have to be at least 15 characters with some extensive but standard complexity constraints, and have to be changed every 60 days or so (system accounts every year). They also should not be the same for different accounts, but that isn't enforced. Think DoD-type standards. There is no way to remember and keep up with this. It just isn't humanly possible, as far as I'm concerned. This might be a good justification of a centralized account management system, a la LDAP or ActiveDirectory, but that is a totally different battle. Currently the solution is an Excel spreadsheet. They use Excel to put a password on it, and then most people make a copy and remove the password. This makes my stomach turn. I use KeePass for this problem and it manages all of my account very well. I like the features like auto-typing, grouping, plugins, password generation, etc. It uses AES-256 encryption via the .Net framework, and while not FIPS compliant, it has a very good reputation. The only problem is that they are also very careful about using randomly downloaded software. So we have to justify every piece of software on our workstations. I have been told that they really don't want me to use this, be cause of the "sensitive nature" of storing passwords. sigh My justification has to be "VERY VERY strong". I have been tasked with writing a justification for KeePass, but as I am lazy, I would like any input that I can get from the community. What do you recommend? Is there something out there that is better or more respected than KeePass? Is there any security experts saying interesting things on this topic? Anything will help at this point. Thanks.

    Read the article

  • How can I prevent Virtualmin from storing passwords in cleartext?

    - by Josh
    I am really surprised at this behavior. In Virtualmin, I can see the password for any SSH user by clicking the "(Show..)" link next to the "Password ( ) Leave unchanged" option in a variety of locations. I have found that the passwords for all users including users with SSH access are stored in cleartext files in /etc/webmin/... This seems like an unnecessary risk! How can I prevent Virtualmin from storing passwords in this manner?

    Read the article

  • Creating DOS bootable cd

    - by dotnetdev
    I need to burn a cd which I will boot from to reset a password on Windows Server. I am using Active Password Changer, but I get an error like so: http://www.freeimagehosting.net/image.php?faa4737491.png How can I create a "DOS bootable disk"? I have an ISO on the cd I thought that will work. The manual says I need DOS system files, where do I get these from? Thanks

    Read the article

  • disable possword policy using command prompt in Server 2008

    - by user50273
    Is there a way to disable password policy in Windows Server 2008 using command prompt. I know how to do it using Local Security Policy in Administrative Tools. I was wondering if there is a way to change using command prompt. I guess there must be some registry settings that needs to be changed but I do not know which entry in registry will disable the password policy. If you can tell me which registry entry I can write the command prompt myself. Thanks

    Read the article

  • htaccess allow if does not contain string

    - by Tom
    I'm trying to setup a .htaccess file which will allow users to bypass the password block if they come from a domain which does not start with preview. e.g. http://preview.example.com would trigger the password and http://example.com would not. Here's what I've got so far: SetEnvIfNoCase Host preview(.*\.)? preview_site AuthUserFile /Users/me/.htpasswd AuthGroupFile /dev/null AuthType Basic AuthName "Development Area" Require valid-user Order deny,allow Allow from 127 deny from env=preview_site Satisfy any Any ideas?

    Read the article

  • Symfony 1.4 - Don't save a blank password on a executeUpdate action.

    - by Twelve47
    I have a form to edit a UserProfile which is stored in mysql db. Which includes the following custom configuration: public function configure() { $this->widgetSchema['password']=new sfWidgetFormInputPassword(); $this->validatorSchema['password']->setOption('required', false); // you don't need to specify a new password if you are editing a user. } When the user tries to save the executeUpdate method is called to commit the changes. If the password is left blank, the password field is set to '', but I want it to retain the old password instead of overwriting it. What is the best (/most in the symfony ethos) way of doing this? My solution was to override the setter method on the model (which i had done anyway for password encryption), and ignore blank values. public function setPassword( $password ) { if ($password=='') return false; // if password is blank don't save it. return $this->_set('password', UserProfile ::encryptPassword( $password )); } It seems to work fine like this, but is there a better way? If you're wondering I cannot use sfDoctrineGuard for this project as I am dealing with a legacy database, and cannot change the schema.

    Read the article

  • from svn to git (+ LDAP + password-less updates + passworded access control)

    - by Jayen
    We have an SVN setup and there are some things we dislike about it and some things we like about it. We want to move to git, but we're not sure exactly what setup will work for us. We're currently using SVN (w/ Authz) + Apache (w/ WebDAV & LDAP). Hook to update the live site [like] Live site update requires no additional interaction [like] Live site update uses stored password [dislike] Commits require centralized-password authentication [like] Commit from live site changes stored credentials [dislike] Access control (per repository) for commits [like] Point 5 above is the one that keeps stuffing us up. Someone makes a commit from the live site and then the hook breaks. We're thinking to use gitosis/gitolite to get access control, but as they use ssh keys, we won't be requiring passwords. We're also thinking to use git-http-backend, and use Apache for authentication, but then do we lose access control? Can the live site be automatically updated from a hook if Apache requires authentication? Can we combine git-http-backend and gitosis/gitolite somehow? Can we store http credentials with git?

    Read the article

< Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >