Search Results

Search found 94172 results on 3767 pages for 'user password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 41/3767 | < Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >

  • Help needed in grokking password hashes and salts

    - by javafueled
    I've read a number of SO questions on this topic, but grokking the applied practice of storing a salted hash of a password eludes me. Let's start with some ground rules: a password, "foobar12" (we are not discussing the strength of the password). a language, Java 1.6 for this discussion a database, postgreSQL, MySQL, SQL Server, Oracle Several options are available to storing the password, but I want to think about one (1): Store the password hashed with random salt in the DB, one column Found on SO and elsewhere is the automatic fail of plaintext, MD5/SHA1, and dual-columns. The latter have pros and cons MD5/SHA1 is simple. MessageDigest in Java provides MD5, SHA1 (through SHA512 in modern implementations, certainly 1.6). Additionally, most RDBMSs listed provide methods for MD5 encryption functions on inserts, updates, etc. The problems become evident once one groks "rainbow tables" and MD5 collisions (and I've grokked these concepts). Dual-column solutions rest on the idea that the salt does not need to be secret (grok it). However, a second column introduces a complexity that might not be a luxury if you have a legacy system with one (1) column for the password and the cost of updating the table and the code could be too high. But it is storing the password hashed with a random salt in single DB column that I need to understand better, with practical application. I like this solution for a couple of reasons: a salt is expected and considers legacy boundaries. Here's where I get lost: if the salt is random and hashed with the password, how can the system ever match the password? I have theory on this, and as I type I might be grokking the concept: Given a random salt of 128 bytes and a password of 8 bytes ('foobar12'), it could be programmatically possible to remove the part of the hash that was the salt, by hashing a random 128 byte salt and getting the substring of the original hash that is the hashed password. Then re hashing to match using the hash algorithm...??? So... any takers on helping. :) Am I close?

    Read the article

  • How to export and import an user profile from one Quassel core to another?

    - by Zertrin
    I have been using Quassel as my bouncer for IRC for quite a long time now. We (a group of administrators of a small network) have set up a shared Quassel core with many users on the same core. But now I would like to export everything related to my user account from the Quassel database on this core, in order to re-import it later in another Quassel core on my own server. Unfortunately, while a feature for adding users has been implemented into Quassel, nothing is so far provided for either exporting or deleting an user. (if deleting-a-user feature was available, I could have made a copy of the current database, delete all the other users leaving only mine, and use this resulting database on my own server, while leaving the first one untouched on the shared server) Despite extensive research on the Internet on this subject, I've found so far no solution. I have to precise that the backend database for the core has been migrated from the default SQLite backend to a PosgreSQL backend as the database grew sensibly (over 1,5 GB for now). However I'd be glad to hear from any working solution (SQLite or PostgreSQL backend) describing a way to export the data related to a specific user profile and then re-import-it in a new Quasselcore database.

    Read the article

  • How to force user to user Administrator account in WinForms

    - by Smejda
    I have simple WinForms application where modifying Windows Registry. The problem is that in Vista / Windows 7 I need to force user to switch to administrator. I do not want to force user to Run as Administrator form start of the application. I want him to do it when there is necessity to write to registry. Best case scenario would be to reach exacly the same message which appear in lot's of Setups, when user need to 'switch' to Administrator so there is no necessity to Run as Administrator form beginning. How I can achieve this in .Net ?

    Read the article

  • How do you encourage users to fill out their profile?

    - by mattdell
    Hello, I wanted to open up the topic to discuss ways to encourage or incentivize users to fill in information in a user profile on a website, such as skills, location, organization, etc. More information in a user profile can give a website an improved capability for its users to search, network, and collaborate. Without bugging users to fill in their profiles (ie - via annoying e-mail reminders), what other ways have you guys come up with to encourage user input? Best, -Matt

    Read the article

  • User controls in masterpage and anonymous user

    - by Senad Uka
    I am developing a master page which includes the user control that generates a menu from the list with a specific logic. Before including the control into master page I successfully configured anonymous access to the site. After including the control and deploying - site prompts for user name and password. I allowed the anonymous access to the list. Oh yes ... It worked on SHarepoint 2010 beta, but the problem happens when deploying to the Sharepoint 2010 final release. Additional data: I am using Sharepoint Server 2010 with Standard features, standalone instalation on Windows Server 2008 R2 for deployment, and Visual Studio 2010 Ultimate for development of masterpage and user control.

    Read the article

  • How to record when user follows external links without slowing user down

    - by taw
    I want to track when user clicks external links for analytics purposes. The simplest solution is to replace all external links with links to special record-and-redirect controller, but that would slow the user unnecessarily. The second idea would be to override click event and within in $.post a message to record controller, then let the main event handler happen, which will usually be either click (open link in same tab) or middle click (open in new tab) - good either way, and the user won't have to wait for wait for my server to record it, it's fire-and-forget. (I don't care if users without Javascript don't get tracked) Is that a reasonable way to go? Or what else would be the best way to track all external link clicks?

    Read the article

  • Refactoring multiple if statements for user authentication with subdomains

    - by go minimal
    I'm building a typical web app where once a user signs up they access the app through their own subdomain (company.myapp.com). The "checking what kind of user if any is logged in" piece is starting to get very hairy and it obviously needs to be well-written because its run so often so I was wondering how you guys would re-factor this stuff. Here are the different states: A user must be logged in, the user must not have a company name, and the sub-domain must be blank A user must be logged in, the user must have a company name, that company name must match the current sub-domain A user must be logged in, the user must have a company name, that company name must match the current sub-domain, and the user's is_admin boolean is true if !session[:user_id].nil? @user = User.find(session[:user_id]) if @user.company.nil? && request.subdomains.first.nil? return "state1" elsif [email protected]? if @user.company.downcase == request.subdomains.first.downcase && [email protected]_admin return "state2" elsif @user.company.downcase == request.subdomains.first.downcase && @user.is_admin return "state3" end end end

    Read the article

  • MS Dynamics CRM users disappear

    - by Max Kosyakov
    Recently we came across quite a weird issue. The administrators say that once in a while they notice that user accounts in MS Dynamics CRM are lost . When a new user is added to the system, the administrators add him/her to the Active Directory first. Then, they go to Dynamics CRM interface, then to system configuration -> administration -> users and add the new user to the CRM, add roles to this user, grant them relevant permissions. Then the user is able to use a custom application, which connects to the Dynamics CRM via WCF. After a while (few weeks or months) the user is unable to use the custom application because Dynamics CRM cannot authorise this user. When administrators open the Dynamics CRM user management interface (configuration -> administration -> users ) and browse through the list of CRM users they cannot find the user in the list. When they try to add the user to Dynamics CRM back, the CRM fails with the error message "User already exists". Moreover, the user still exists in the Active Directory. The admins are very sure the user had been added to the CRM before he/she started to work. The only fact the the user was able to use the custom application normally says that the user had been indeed registered in the CRM. How come the user is not listed in the CRM user management interface at all? Have anyone faced any issues like that? Seen or heard of disappearing CRM users somewhere? Any help is appreciated. Where can one start digging?

    Read the article

  • In Puppet, how would I secure a password variable (in this case a MySQL password)?

    - by Beaming Mel-Bin
    I am using Puppet to provision MySQL with a parameterised class: class mysql::server( $password ) { package { 'mysql-server': ensure => installed } package { 'mysql': ensure => installed } service { 'mysqld': enable => true, ensure => running, require => Package['mysql-server'], } exec { 'set-mysql-password': unless => "mysqladmin -uroot -p$password status", path => ['/bin', '/usr/bin'], command => "mysqladmin -uroot password $password", require => Service['mysqld'], } } How can I protect $password? Currently, I removed the default world readable permission from the node definition file and explicitly gave puppet read permission via ACL. I'm assuming others have come across a similar situation so perhaps there's a better practice.

    Read the article

  • How to create a password-less service account in AD?

    - by Andrew White
    Is it possible to create domain accounts that can only be accessed via a domain administrator or similar access? The goal is to create domain users that have certain network access based on their task but these users are only meant for automated jobs. As such, they don't need passwords and a domain admin can always do a run-as to drop down to the correct user to run the job. No password means no chance of someone guessing it or it being written down or lost. This may belong on SuperUser ServerFault but I am going to try here first since it's on the fuzzy border to me. I am also open to constructive alternatives.

    Read the article

  • How secure is a bluetooth keyboard against password sniffing?

    - by jhs
    In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put those passwords at risk? Another way of asking would be: what security and encryption protocols are used, if any, to establish a bluetooth connection between a keyboard and host system? Edit: Final Summary All answers are excellent. I accepted that which links to the most directly applicable information however I also encourage you to read Nathan Adams's response and discussion about security trade-offs.

    Read the article

  • Can't validate mine, sudo nor root in Debian "Jessie" Gnome anymore?

    - by Janar
    I'm Debian beginner & GUI guy in a bit of trouble? Can't login as sudo/gksu/root/su nor as (main/super)user after removed user password via Gnome-user-settings. History of actions (Probably irrelevant though) Installed Debian "Jessie" GNU/Linux with xFce GUI (en-US) as only OS. HardWare is ThinkPad w510. Skipped root user password in setup, to get sudo for superuser easily. Logged in (as always had) with Gnome (3.4.x), not once with xFCE. (installed Xfce. Installed xFce only to achieve more control (easier management) over packages this way, to set-up gnome much more by mine likes. Added more jessie repros (same ones as in Wheesy stable by default but for Jessie as, Jessie only had repros for security updates by default). Installed lots of gtk(3) & gnome(3) based soft; (- restarted again after this) Installed propietary graphics card driver for mine nvidia quadro. (- restarted once again after that one) Installed more stuff related to mine work/school/devel. The actual problem Had a plan to restart again, but wanted to set up auto-login first, instead set user password to none (don't ask why / perhaps caused by being awake for a looooong time), noticed it, and set also to auto-login, but couldn't undo mine previous mistake to create new password for me. As mine password is set to none I would have expected that simply return in pass prompt for emty password field would do, but it won't authenticate. I tried Alt+F2 "gksu gedit" as well as: sudo wget "https://www.some-page.eu/file.ext" and "su" in terminals, none has applied (quite logical actually - as I'm sudoer and highest ranked super user, besides only user in computer). Current stand Everything worked & still works nice after this accident, besides this password prompts part. To spoked to log-out nor restart. Synaptic package-manager is still open with root rights (only one, that has left open prior to the issue and not closed since, just in case). Goggled for help and read some manuals/faqs/how-tos - mostly lead to sudoers file management, but not found one specifically for mine issue - so still not any smarter. Really hope, that I don't have to redo OS inst all over again, by just one stupid mistake. Thanks for your reply :-)

    Read the article

  • Migrating Identity Providers - specifying a new users password hash.

    - by Stephen Denne
    We'd like to switch Identity Provider (and Web Access Manager), and also the user directory we use, but would like to do so without users needing to change their password. We currently have the SSHA of the passwords. I'm expecting to write code to perform the migration. I don't mind how complex the code has to be, rather my concern is whether such a migration is possible at all. MS Active Directory would be our preferred user store, but I believe that it can not have new users set up in it with a particular password hash. Is that correct? What user directory stores can be populated with users already set up with a SSHA password? What Identity Provider and Access Management products work with those stores?

    Read the article

  • Keyring no longer prompts for password when SSH-ing

    - by Lie Ryan
    I remember that I used to be able to do ssh [email protected] and have a prompt asks me for a password to unlock the keyring for the whole GNOME session so subsequent ssh wouldn't need to enter the keyring password any longer (not quite sure if this is in Ubuntu or other distro). But nowadays doing ssh [email protected] would ask me, in the terminal, my keyring password every single time; which defeats the purpose of using SSH keys. I checked $ cat /etc/pam.d/lightdm | grep keyring auth optional pam_gnome_keyring.so session optional pam_gnome_keyring.so auto_start which looks fine, and $ pgrep keyring 1784 gnome-keyring-d so the keyring daemon is alive. I finally found that SSH_AUTH_SOCK variable (and GNOME_KEYRING_CONTROL and GPG_AGENT_INFO and GNOME_KEYRING_PID) are not being set properly. What is the proper way to set this variable and why aren't they being set in my environment (i.e. shouldn't they be set in default install)? I guess I can set it in .bashrc, but then the variables would only be defined in bash session, while that is fine for ssh, I believe the other environment variables are necessary for GUI apps to use keyring.

    Read the article

  • UI message passing programming paradigm

    - by Ronald Wildenberg
    I recently (about two months ago) read an article that explained some user interface paradigm that I can't remember the name of and I also can't find the article anymore. The paradigm allows for decoupling the user interface and backend through message passing (via some queueing implementation). So each user action results in a message being pased to the backend. The user interface is then updated to inform the user that his request is being processed. The assumption is that a user interface is stale by definition. When you read data from some store into memory, it is stale because another transaction may be updating the same data already. If you assume this, it makes no sense to try to represent the 'current' database state in the user interface (so the delay introduced by passing messages to a backend doesn't matter). If I remember correctly, the article also mentioned a read-optimized data store for rendering the user interface. The article assumed a high-traffic web application. A primary reason for using a message queue communicating with the backend is performance: returning control to the user as soon as possible. Updating backend stores is handled by another process and eventually these changes also become visible to the user. I hope I have explained accurately enough what I'm looking for. If someone can provide some pointers to what I'm looking for, thanks very much in advance.

    Read the article

  • User defined type for healthcare / Medical Records variable name prefixes?

    - by Peter Turner
    I was reading Code Complete regarding variable naming in trying to find an answer to this question and stumbled on a table of commonly accepted prefixes for programming word processor software. Well, I'm not a word processor software programmer, but if I was, I'd be happy to use those user defined types. Since I'm a programmer for a smallish healthcare ISV, and have no contact with the larger community of healthcare software programmers (other than the neglected and forsaken HealthCareIT.SE where I never had the chance to ask this question). I want to know if there is a coding convention for medical records. Like Patient = pnt and Chart = chrt and Medication = med or mdctn or whatever. I'm not talking full on hungarian notation, but just a standard that would fit in code complete in place of that wonderful chart of word processor UDT's which are of so little use to me.

    Read the article

  • User generated content: a basic yet simple to use OR a complex yet powerful solution?

    - by ne5tebiu
    As stated above, which solution is better for a game based on user generated content? The simple solution (in-game editor) is great for gamers without experience in coding and etc. In this way every player could populate the game with content. But the content would be very limited. The complex solution would allow the content to be with almost no limitation but casual gamers probably couldn't make hardly any content at all. If both solutions are used, the quality behind the second solution would be more valuable than the first solution's quantity. However, making a powerful in-game editor could even take more time and manpower than the actual game and every gamer would have to learn how to use the new complex tool, understand it, and master it if he or she wants to make quality content.

    Read the article

  • What's the term describing this system for generating user interfaces?

    - by mjfgates
    So, there's this idea, which you already know: Define the layout of your UI by creating a tree of panels. The leaf nodes on the tree are what we used to call 'controls' way back in the day-- the things that the user interacts with, radio buttons and listboxes and such. The internal nodes are mostly concerned with layout; this kind of panel stacks its child panels vertically, that kind puts its children into a grid, etc. It's COMMON. Most of the UI-generating systems I've seen in the past twenty years are implementations of this, and the ones that aren't borrow from it. What's the word for this idea?

    Read the article

  • iPhone User Interface Design

    - by Blaenk
    Hey guys, I've just had a nagging question for a while regarding iPhone app user interfaces. For example, consider WeightBot's User Interface. I am wondering, how are most of these user interfaces created? In general, of course. Is there a way to simply design controls (that is, the images) in a program like Photoshop, then use that 'skin' for controls in UIKit? I realize that there are some controls that are probably created by the programmer (custom controls), but I'm referring to the ready-made ones that come in UIKit. In other words, is the concept similar to 'splicing' web site designs? Where a designer draws out the design of the website in something like Photoshop, and then it is cut up into pieces which can be applied to form the actual website? I know this can be done for UIButtons, can this also be done for other controls, and is this how it is usually done? Or perhaps this is done with Core Animation? I've heard this from time to time, so does this mean that the User Interfaces are 'hard-coded'? Or is Core Animation only use for the 'effects', such as applying the glowing effect to the numbers in WeightBot? If there are any resources you can point me to I would really appreciate it. Thanks!

    Read the article

  • Populating a foreign key table with variable user input

    - by Vincent
    I'm working on a website that will be based on user contributed data, submitted using a regular HTML form. To simplify my question, let's say that there will be two fields in the form: "User Name" and "Country" (this is just an example, not the actual site). There will be two tables in the database : "countries" and "users," with "users.country_id" being a foreign key to the "countries" table (one-to-many). The initial database will be empty. Users from all over the world will submit their names and the countries they live in and eventually the "countries" table will get filled out with all of the country names in the world. Since one country can have several alternative names, input like Chile, Chili, Chilli will generate 3 different records in the countries table, but in fact there is only one country. When I search for records from Chile, Chili and Chilli will not be included. So my question is - what would be the best way to deal with a situation like this, with conditions such that the initial database is empty, no other resources are available and everything is based on user input? How can I organize it in such way that Chile, Chili and Chilli would be treated as one country, with minimum manual interference. What are the best practices when it comes to normalizing user submitted data and is there a scientific term for this? I'm sure this is a common problem. Again, I used country names just to simplify my question, it can be anything that has possible different spellings.

    Read the article

  • Encapsulating user input of data for a class (C++)

    - by Dr. Monkey
    For an assignment I've made a simple C++ program that uses a superclass (Student) and two subclasses (CourseStudent and ResearchStudent) to store a list of students and print out their details, with different details shown for the two different types of students (using overriding of the display() method from Student). My question is about how the program collects input from the user of things like the student name, ID number, unit and fee information (for a course student) and research information (for research students): My implementation has the prompting for user input and the collecting of that input handled within the classes themselves. The reasoning behind this was that each class knows what kind of input it needs, so it makes sense to me to have it know how to ask for it (given an ostream through which to ask and an istream to collect the input from). My lecturer says that the prompting and input should all be handled in the main program, which seems to me somewhat messier, and would make it trickier to extend the program to handle different types of students. I am considering, as a compromise, to make a helper class that handles the prompting and collection of user input for each type of Student, which could then be called on by the main program. The advantage of this would be that the student classes don't have as much in them (so they're cleaner), but also they can be bundled with the helper classes if the input functionality is required. This also means more classes of Student could be added without having to make major changes to the main program, as long as helper classes are provided for these new classes. Also the helper class could be swapped for an alternative language version without having to make any changes to the class itself. What are the major advantages and disadvantages of the three different options for user input (fully encapsulated, helper class or in the main program)?

    Read the article

  • about option buttons in User form

    - by Mars
    I have a question: I need to create a user form that contain that usual OK and Cancel Buttons. It also should contain two sets of Options buttons, each set placed inside a frame. The captions on the first set should be basketball, baseball, football, the captions on the second set should be watch on TV and Go to games. I need to write the event handlers and code in a module so that when the program runs, the user sees the form. If the user makes a couple of choices and clicks OK, he should see a message like "Your favorite sport is basketball, and you usually watch on TV." If the user clicks Cancel, the message "Sorry you don't want to play" should appear. I think I almost have it working, but I don't know why I cannot successfully execute the Macro. My Code is : Option Explicit Private Sub CommandButton2_Click() MsgBox ("sorry if you don't want to play") End Sub Private Sub commandbuttons_Click() Dim optbasket As String, optbaseball As String, optfootball As String Dim optwog As String, optgtg As String Select Case True Case optbasket optbasket = True Case optbaseball optbaseball = True Case optfootball optfootball = True End Select If optwog Then optwog = True Else optgtg = True End If btnok = MsgBox("you favorite sport is " & Frame1.Value & "you usually " & Frame2.Value & ",") End Sub Private Sub OptionButton1_Click() End Sub Private Sub btmcancel_Click() End Sub Private Sub btnok_Click() End Sub Private Sub Frame1_Click() End Sub Private Sub Frame2_Click() End Sub Private Sub optbaseball_Click() End Sub Private Sub optbasketball_Click() End Sub Private Sub optfootball_Click() End Sub Thank you very much!!!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 37 38 39 40 41 42 43 44 45 46 47 48  | Next Page >