Search Results

Search found 21719 results on 869 pages for 'password security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 4/869 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • What to sign when signing a message with ws-security

    - by Heavy Bytes
    I am adding security to my web service and chose to sign the Timestamp and Token. While reading docs I found a lot of examples where they sign the Body of the SOAP message. My question is: what is best to sign? From what I understand signing the Body could lead to performance issues if the Body is pretty large. Thanks.

    Read the article

  • Using a password to generate two distinct hashes without reducing password security

    - by Nevins
    Hi there, I'm in the process of designing a web application that will require the storage of GPG keys in an encrypted format in a database. I'm planning on storing the user's password in a bCrypt hash in the database. What I would like to be able to do is to use that bCrypt to authenticate the user then use the combination of the stored bCrypt hash and another hash of the password to encrypt and decrypt the GPG keys. My question is whether I can do this without reducing the security of the password? I was thinking I may be able to use something like an HMAC-SHA256 of a static string using the password and a salt as the secret key. Is there a better way to do this that I haven't thought of? Thanks

    Read the article

  • tools to check password security

    - by tombull89
    Hello again. I'm after a tool to test how long a password could stand up to a hacking/cracking technique such as brute force as two passwords that are critical to a work system is one word that is in the dictionary, and another is a word in the dictionary with a capital letter and a number instead of a letter. I'd prefer it to be offline and free that you can run on a computer to see how long the password will hold out. Maybe even at the windows login prompt but I realise such programmes may be shady and erring on the side of illegal. Anybody have any suggestions?

    Read the article

  • XKCD’s Take On Password Difficult

    - by Jason Fitzpatrick
    The more difficult to crack password doesn’t have to be the most difficult to remember; XKCD humorously illustrates the power of entropy. On a more serious note, if you’re looking to increase your password strength and variety, make sure to check out our roundup of password best practices. [via XKCD] HTG Explains: What Is RSS and How Can I Benefit From Using It? HTG Explains: Why You Only Have to Wipe a Disk Once to Erase It HTG Explains: Learn How Websites Are Tracking You Online

    Read the article

  • Disabling Password and Key Login

    - by Matthew Miller
    I want to disable the login prompt to access the Passwords and Keys. Right clicking the prompt does not bring up a change password dialogue. Under Applications System Tools Preferences there is "Passwords and Keys" but right clicking that does not allow me to change the password either. There is no Password and Keys selection under Accessories. I used to be able to change the password to a blank character, which allowed it to automatically login, but there doesn't seem to be an option for that now. Using Gnome 3 in 12.10 Thank you

    Read the article

  • How do I reset my Ubuntu 12.10 password?

    - by Salvador Yniguez
    So my sister gave me this old laptop that has Ubuntu 12.10. The problem is that she has a username administrator password, but she forgot it. I've tried using GRUB and launching recovery mode and using the root shell prompt. And I type the "passwd username" command, and it tells me to type the new UNIX password, but when I try to type a new password it's like my keyboard doesn't even work. It types nothing. What's the problem? Why does my keyboard not type anything when I try to reset the UNIX password? It always works perfectly fine. I'm grateful for any help, thank you.

    Read the article

  • SSH password entered too many times Connection refused

    - by Ole Henrik Skogstrøm
    I tried connecting to my new installed Ubuntu 12 server via SSH and I was asked for my password. (I had used "myusername@ipadress" to connect) After entering the right password a few times (with no luck; access denied) I started getting an error directly telling me that the connection was refused without asking me for a password anymore. It seems like I have managed to blacklist myself. It has been like this for about 2 hours now, is there a quick solution for this?

    Read the article

  • Login screen doesn't prompt for password

    - by jbristow
    I just installed Ubuntu 12.10, and tied it to my company LDAP. On the login screen, instead of prompting for a password there is just a "Log In" button by my name. I click it, and I am immediately logged in without typing in a password. I checking my User Account options, and "Automatic Login" is turned off. I can also click on other LDAP users accounts, and get in without a password. There is a local user on the system. When I try to log in as that user, I am prompted for a password.

    Read the article

  • I forgot the password to a cbz/zip file

    - by hurley
    I forgot the password to a cbz file, which when I open it says it only contains empty pages, so i rename it to zip, since I read it will open anyway, and I enter what I supposed to be the password, and it starts extracting some 100 files, but it stops and asks for a password again and none of my known passwords work. Help? it's a backup for over 2 years of work. I'm using Archive Manager at Ubuntu 13.

    Read the article

  • How to change root password for mysql and phpmyadmin

    - by Jon
    I've set up mysql and phpmyadmin and chose not to set a password when installing hoping that once set up i could login with root and no password but i get the following error from phpmyadmin Login without a password is forbidden by configuration (see AllowNoPassword) I have previously moved the phpmyadmin folder to /var/www/ I have tried changing the following line $cfg['Servers'][$i]['AllowNoPassword'] = false; to $cfg['Servers'][$i]['AllowNoPassword'] = true; but still had no success, so i am wondering is there a way i can change the root passwords for both so i can access phpmyadmin and create databases. Thanks

    Read the article

  • Passwords in the Password/Encryption Keys program

    - by Gaurav_Java
    I noticed that I have passwords in the Password/Encryption Keys program . It appears that anybody who walked up to my computer could go look at all my passwords without needing a master password. Did I do something wrong or is this the default behavior? And if so, why? and what if i lick my password is it get locked till i log out or for every time when i have 2to see password then i have to unlock keyrings . if then so how i protect my passwords from other . and why it is done so

    Read the article

  • Unity session goes to lock on app launch, and won't unlock with password

    - by really
    Has been happening on every Ubuntu machine I've used to date, which is a total of 4. Started in 12.10 as far as I know, but it might have happened with 12.04, 12.10, 13.04, 13.10 and now 14.04. It doesn't seem to matter what I'm doing, but what always seems to trigger it is opening a web browser or some other application first from the sidebar. Firefox was was the most recent trigger. Instead of opening my browser, which it acts like it's going to do... the session locks, goes to the login screen, and won't unlock with the correct password. By 'won't unlock' I mean it unlocks then immediately locks again without first restoring unity, it does not produce 'incorrect password' I suspect this is a virus or password snooping software because of the fact it won't unlock with correct password information and I think if this IS a security issue, it should be fixed asap considering it's widespread throughout multiple versions. It's probably not a virus, but it is certainly suspicious behaviour to see your pc do that... wouldn't you think?

    Read the article

  • root password not recognized

    - by Neto Diaz
    I got kubuntu 12.04 on my laptop, but everytime I try t update, install or something like that it does not recoginze my password, here is what the konsole says... ernesto@neto-desktop:~$ sudo apt-get update [sudo] password for ernesto: Sorry, try again. [sudo] password for ernesto: Sorry, try again. [sudo] password for ernesto: Sorry, try again. sudo: 3 intentos de contraseña incorrectos ernesto@neto-desktop:~$ and no advance from there, i am some kind of new for this version (12.04 precise pangolin) and i m not sure what is next, thanks in advance for the help and answers!

    Read the article

  • Reset Windows share password after 'Remember forever'

    - by timmit
    I've been happily connecting to a Windows share from my 14.04 machine. When I first entered the password for the share I chose to have it remembered forever. Yesterday I changed the password on the Windows machine, today I can't access the share... My searches for a solution have been in vain, most suggestions say that there is an entry in the Password & Keys (seahorse) app that should be deleted, this doesn't exist for me. I even ran seahorse as the root user to see if the key was hidden away in there, but no luck. Is there anywhere else I should be looking? Shouldn't the Nautilus app be prompting me to update my password in this scenario?

    Read the article

  • Thunderbird keeps asking me for the password every time I login

    - by mr_mohamed
    I haven't used thunderbird for a while but when i started to use it again I found out that i have to give the application driven password since i'm using gmail. So i types that application password which is automatically given by the google, but it asks for that every time i try to login. it's really frustrating, to obtain that password i have to go to goodle account settings everytime i login in thunderbird

    Read the article

  • How do I reset a lost password (using recovery mode requires me to type the password)?

    - by user16441
    I need to reset my password. I have followed these steps: How do I reset a lost Administrative(root) password? However, then I go to "root" or "netroot" recovery options, it tells me: Give root password for maintenance (or type Control-D to continue) Clearly, I do not know the root password. If I type Control-D, I return to the list of options. From this page I read: Under chapter 'The Other Way': 4. Highlight the line that begins kernel and press 'e' to edit But in the grub configuration file I have no line that starts with 'kernel'. Only: setparams 'Ubuntu...' recordfail set gxfpayload... insmod part_msdos insmod ext2 set root=... search --no-floppy... linux /boot/vmlinuz-2.6.38... initrd /boot/initrd.img-2.6.... Those are all lines in my grub. Which line should I edit? Or is there another way to reset my password?

    Read the article

  • How can I use fetchmail (or another email grabber) with OSX keychain for authentication?

    - by bias
    Every fetchmail tutorial I've read says putting your email account password clear-text in a config file is safe. However, I prefer security through layers (since, if my terminal is up and someone suspecting such email foolery slides over and simply types "grep -i pass ~/.*" then, oops, all my base are belong to them!). Now, with msmtp (as opposed to sendmail) I can authenticate using the OSX keychain. Is there an email 'grabber' that lets me use Keychains (or at least, that lets me MD5 the password)?

    Read the article

  • What is the best "forgot my password" method?

    - by Edward Tanguay
    I'm programming a community website. I want to build a "forgot my password" feature. Looking around at different sites, I've found they employ one of three options: send the user an email with a link to a unique, hidden URL that allows him to change his password (Gmail and Amazon) send the user an email with a new, randomly generated password (Wordpress) send the user his current password (www.teach12.com) Option #3 seems the most convenient to the user but since I save passwords as an MD5 hash, I don't see how option #3 would be available to me since MD5 is irreversible. This also seems to be insecure option since it means that the website must be saving the password in clear text somewhere, and at the least the clear-text password is being sent over insecure e-mail to the user. Or am I missing something here? So if I can't do option #1, option #2 seems to be the simplest to program since I just have to change the user's password and send it to him. Although this is somewhat insecure since you have to have a live password being communicated via insecure e-mail. However, this could also be misused by trouble-makers to pester users by typing in random e-mails and constantly changing passwords of various users. Option #1 seems to be the most secure but requires a little extra programming to deal with a hidden URL that expires etc., but it seems to be what the big sites use. What experience have you had using/programming these various options? Are there any options I've missed?

    Read the article

  • Security strategies for storing password on disk

    - by Mike
    I am building a suite of batch jobs that require regular access to a database, running on a Solaris 10 machine. Because of (unchangable) design constraints, we are required use a certain program to connect to it. Said interface requires us to pass a plain-text password over a command line to connect to the database. This is a terrible security practice, but we are stuck with it. I am trying to make sure things are properly secured on our end. Since the processing is automated (ie, we can't prompt for a password), and I can't store anything outside the disk, I need a strategy for storing our password securely. Here are some basic rules The system has multiple users. We can assume that our permissions are properly enforced (ie, if a file with a is chmod'd to 600, it won't be publically readable) I don't mind anyone with superuser access looking at our stored password Here is what i've got so far Store password in password.txt $chmod 600 password.txt Process reads from password.txt when it's needed Buffer overwritten with zeros when it's no longer needed Although I'm sure there is a better way.

    Read the article

  • Nginx Password Protect Directory Downloads Source Code

    - by Pamela
    I'm trying to password protect a WordPress login page on my Nginx server. When I navigate to http://www.example.com/wp-login.php, this brings up the "Authentication Required" prompt (not the WordPress login page) for a username and password. However, when I input the correct credentials, it downloads the PHP source code (wp-login.php) instead of showing the WordPress login page. Permission for my htpasswd file is set to 644. Here are the directives in question within the server block of my website's configuration file: location ^~ /wp-login.php { auth_basic "Restricted Area"; auth_basic_user_file htpasswd; } Alternately, here are the entire contents of my configuration file (including the above four lines): server { listen *:80; server_name domain.com www.domain.com; root /var/www/domain.com/web; index index.html index.htm index.php index.cgi index.pl index.xhtml; error_log /var/log/ispconfig/httpd/domain.com/error.log; access_log /var/log/ispconfig/httpd/domain.com/access.log combine$ location ~ /\. { deny all; access_log off; log_not_found off; } location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /stats/ { index index.html index.php; auth_basic "Members Only"; auth_basic_user_file /var/www/web/stats/.htp$ } location ^~ /awstats-icon { alias /usr/share/awstats/icon; } location ~ \.php$ { try_files /b371b8bbf0b595046a2ef9ac5309a1c0.htm @php; } location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/lib/php5-fpm/web11.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; } location / { try_files $uri $uri/ /index.php?$args; client_max_body_size 64M; } location ^~ /wp-login.php { auth_basic "Restricted Area"; auth_basic_user_file htpasswd; } } If it makes any difference, I'm using Ubuntu 14.04.1 LTS with Nginx 1.4.6 and ISPConfig 3.0.5.4p3.

    Read the article

  • Password best practices

    - by pcampbell
    Given the recent events with a 'hacker' learning and retrying passwords from website administrators, what can we suggest to everyone about best practices when it comes to passwords? use unique passwords between sites (i.e. never re-use a password) words found in the dictionary are to be avoided consider using words or phrases from a non-English language use pass phrases and use the first letter of each word l33tifying doesn't help very much Please suggest more!

    Read the article

  • Password Recovery

    - by Terry
    Currently we use Offline NT Password & Registry Editor for machines we do not have admin passwords for. It is a really nice tool but has some flaws. Is there something better/more modern?

    Read the article

  • remember password is not filling the password field automatically

    - by coder247
    IE is not filling the password field automatically when i click on the bookmarked url. But it's working on firefix,chrome etc. I tried with autocomplete="on" but no use. IE will fill the password only When i select a usename from the possible user names which the browser had kept for each login. And when i logout, user name will be filled in without the password. ( only in IE for other browsers both are filled). Thanks....

    Read the article

  • Can you figure out the password hashing scheme?

    - by Adal
    I have two passwords and two resulting hashes. I can't figure out how the hash is derived from the password. I don't know if salting is used. I don't know if the password is hashed as a integer value or as a string (possibly Unicode). Password: 6770 Hash: c12114b91a3841c143bbeb121693e80b Password: 9591 Hash: 25238d578b6a61c2c54bfe55742984c1 The hash length seems to suggest MD5. Anybody has any ideas what I could try? Note: This is not for hacking purposes. I'm trying to access a service through an API instead of it's desktop client, and I can't figure out how to compute the password hash. Currently instead of using my real password I'm sending directly the hash.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >