Search Results

Search found 14302 results on 573 pages for 'saved password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 435/573 | < Previous Page | 431 432 433 434 435 436 437 438 439 440 441 442  | Next Page >

  • Understanding CGI and SQL security from the ground up

    - by Steve
    This question is for learning purposes. Suppose I am writing a simple SQL admin console using CGI and Python. At http://something.com/admin, this admin console should allow me to modify a SQL database (i.e., create and modify tables, and create and modify records) using an ordinary form. In the least secure case, anybody can access http://something.com/admin and modify the database. You can password protect http://something.com/admin. But once you start using the admin console, information is still transmitted in plain text. So then you use HTTPS to secure the transmitted data. Questions: To describe to a learner, how would you incrementally add security to the least secure environment in order to make it most secure? How would you modify/augment my three (possibly erroneous) steps above? What basic tools in Python make your steps possible? Optional: Now that I understand the process, how do sophisticated libraries and frameworks inherently achieve this level of security?

    Read the article

  • How to hash and salt passwords

    - by Henrik Skogmo
    I realize that this topic have been brought up sometimes, but I find myself not entirely sure on the topic just yet. What I am wondering about how do you salt a hash and work with the salted hash? If the password is encrypted with a random generated salt, how can the we verify it when the user tries to authenticate? Do we need to store the generated hash in our database as well? Is there any specific way the salt preferably should be generated? Which encryption method is favored to be used? From what I hear sha256 is quite alright. And lastly, would it be an idea to have the hash "re-salted" when the user authenticates? Thank you!

    Read the article

  • Best way to Store Passwords, User information/Profile data and Photo/Video albums for a social websi

    - by Nick
    Need some help figuring out how to best Store Passwords, User information/Profile data and Photo/Video albums for a social website? For photos/videos the actual photo/video + even encrypting the URL with the IDs to the photo/videos so other users cannot figure it out. Creating a site like myspace and designing retirement documents but i am unsure how to specify the security requirements for the database. Two things: 1) Protect from outside users 2) Protect all these from employees being able to access this info For #2, the additional question is: If we encrypt the user info and password so even the system admins cannot get in, how can we retrieve the user data tomorrow if someone flags the user's account as spam and admin needs to check it out or if law enforcement wants info on a user? Thanks.

    Read the article

  • How to configure .NET test assembly to use website web.config?

    - by Morten Christiansen
    I've run into a problem setting up Selenium tests for an ASP.NET MVC project in cases where I need the settings provided in the web.config of the site under test. The problem is that I want to create a dummy user before running the test and this causes an error saying that the password-answer supplied is invalid. This is due to the test assembly not using the web.config, instead using default values for membership configuration. I've tried to copy the relevant section (membership configuration) into the app.config of the assembly without luck, but I admit I'm just grasping at straws here.

    Read the article

  • Access Authentication

    - by youssef
    I wanna know, how I can set user name and password for each user in TortoiseSVN and I already did these steps to made repository: - Created a file then created repository in this file. - Changed " svnserve.conf " in conf file. - Then set all user and them passwd in conf file. - I changed authz to access my repository also including in conf file. I try and try to Authentication many of users for each project but as file not Http. I hope to someone help me in this issue.

    Read the article

  • Crowdsourcing translation for mobile developers?

    - by superg
    I am developing applications for mobile phones with different operating systems (Android, Symbian, iPhone). Applications are sold internationally so they need to be translated to different languages in addition to english version. I assume most mobile developers do the translations using some paid external service each time. This approach does not look very cost-effective to me. Would it make sense to have a website where simple translations would be done using crowdsourcing (other developers)? Most strings in mobile applications are very simple and short, for example "OK, "Cancel", "Are you sure?", "Please enter your password". Also the same strings are used in hundreds of applications. Instead of paying for translating all strings, developers could save money by only buying their difficult application specific translations. Does anyone agree with this idea? I have seen many opensource projects doing the translations succesfully using volunteers.

    Read the article

  • Hot to log in to a website using installed twill?

    - by brilliant
    Hello, everybody!!!! I have just successfully installed TWILL on my computer with the help of one very supportive member of "StackOverflow" (you can check it out HERE) and have tried to run one of the simple examples on the twill documentation page (you can see that page HERE). Here is that example: Let's say my username on www.slash.org is lynxye and my password is mammal. When I try to enter that exanple code into my Python prompt, I can only enter the first line of the code bexcause when I click on "Enter" to start a new line, I get some error messages right away: The same happens when I try to enter this code into my terminal: I think I miss out on some basics here. Perhaps, I need to create a file that would contain that code and then run that file somehow, but I really don't know where I need to create that file and with what extensdion. Can anyone, please, help me with this?

    Read the article

  • Preventing dictionary attacks on a web application

    - by Kevin Pang
    What's the best way to prevent a dictionary attack? I've thought up several implementations but they all seem to have some flaw in them: Lock out a user after X failed login attempts. Problem: easy to turn into a denial of service attack, locking out many users in a short amount of time. Incrementally increase response time per failed login attempt on a username. Problem: dictionary attacks might use the same password but different usernames. Incrementally increase response time per failed login attempt from an IP address. Problem: easy to get around by spoofing IP address. Incrementally increase response time per failed login attempt within a session. Problem: easy to get around by creating a dictionary attack that fires up a new session on each attempt.

    Read the article

  • PHP cookie removal in FireFox 14.0.1

    - by sepoto
    <?php session_start(); $_SESSION['logged_in'] = false; setcookie("dsgpassword127", $password, time()-3600); /* expire the cookie */ setcookie("dsgemail127", $email, time()-3600); /* expire the cookie */ session_destroy(); header("location: index.php"); ?> The code above which works very well in Chrome will not remove the cookies in FireFox 14.0.1. I am wondering why this is, if anyone has experienced the same problem or if there is a solution to this conundrum I am in when it comes to expiring these cookies.... Thank you.

    Read the article

  • how to stop lightbox from closeing after submit button is clicked?

    - by Mahmoud
    hey all i am using lightbox to show an enlarge image of the thumbnail images, where in each enlarged image there is a submit button, when that button is clicked it addes to jcart and refreshes the pages, for demo please visit secure.sabayafrah.com username = mahmud password = mahmud now as you can see when you click at the thumbnail lightbox well show you an enlarge image in a bubble, where there is an submit image below the enlarged image if it was clicked it must add to cart and not refresh the page. i am using jcart as add to cart and lightbox to enlarge the images i asked so many people and all suggested that i use jquery live but i never used ajax so i am stuck here is it possible if yes is their a demo or a code well do this feature

    Read the article

  • MySQL command-line tool: How to find out number of rows affected by a DELETE?

    - by ambivalence
    I'm trying to run a script that deletes a bunch of rows in a MySQL (innodb) table in batches, by executing the following in a loop: mysql --user=MyUser --password=MyPassword MyDatabase < SQL_FILE where SQL_FILE contains a DELETE FROM ... LIMIT X command. I need to keep running this loop until there's no more matching rows. But unlike running in the mysql shell, the above command does not return the number of rows affected. I've tried -v and -t but neither works. How can I find out how many rows the batch script affected? Thanks!

    Read the article

  • How to give anonymous access to site in IIS ?

    - by Lalit
    Hi, I want to give the anonymous access to my deployed site on IIS. i checked in Directory Security by right clicking on site in IIS there is checked the box Enable Anonymous access.also there is user IUSR_MySERVER is there. but still it is asking for user name & pwd. why. I don't want to ask any uname and pwd when site accessing. What to do? please help. I fact my application is, i am importing the Excel sheet from file location in my applicatiom. When i saying browse it run perfect . But when i say Import , it asking for the username and password. on Click of Import button I am reading Excelsheet in datatable by interop services. What should this problem should be?

    Read the article

  • grails mail connection refused

    - by mkoryak
    it seems i have tried the mail config in the way that its docs said, but still i get: Error 500: Executing action [x] of controller [x] caused exception: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP I am using google apps for my email so [email protected] is using gmail. i cannot get grails to send out a test message on my dev box (win 7). my config is: host = "smtp.gmail.com" port = 465 username = "[email protected]" password = "x" props = ["mail.smtp.auth":"true", "mail.smtp.debug":"true", "mail.smtp.starttls.enable":"true", "mail.smtp.socketFactory.port":"465", "mail.smtp.socketFactory.class":"javax.net.ssl.SSLSocketFactory", "mail.smtp.socketFactory.fallback":"false"]

    Read the article

  • Java String to SHA1

    - by AeroDroid
    I'm trying to make a simple String to SHA1 converter in Java and this is what I've got... public static String toSHA1(byte[] convertme) { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA-1"); } catch(NoSuchAlgorithmException e) { e.printStackTrace(); } return new String(md.digest(convertme)); } When I pass it toSHA1("password".getBytes()), I get "[?a?????%l?3~??." I know it's probably a simple encoding fix like UTF-8, but could someone tell me what I should do to get what I want which is "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"? Or am I doing this completely wrong? Thanks a lot!

    Read the article

  • Seeking FOSS user admin code

    - by Mawg
    It must be a fairly standard wheel, so I'd rather not reinvent it. Create/modify/delete users. Ditto their passwords & maybe enforce password change every X days. Also, create groups, like "sales", "support", etc and add/remove users. The only unique part should be what they have permission to do (visit certain parts of the site after login, etc) And I'd like to store admin data in an ODBC compliant database (MySql to start with, but I may move on). Is this a new wheel? There doesn't seem to be much of anything on SourceForge, but if I could find something established and trusted I wouldn't even mind paying a few $100 as a trade of for the time needed to develop & test it.

    Read the article

  • Google Contacts Data API and PHP

    - by pako
    I'm developing a PHP application to retrieve the list of contacts from a GMail account. I'm looking for a solution which would enable the user of my application to provide the login and password to their Gmail account in my application (as opposed to getting redirected to Google) and then automatically do the retrieval. The retrieval process can be run in PHP or JavaScript (which would then feed the list of contacts back to PHP using Ajax). Is it possible to do that? Which JavaScript API should I use for that? Can someone point me at the right chapter in Google Contacts Data API documentation?

    Read the article

  • How to eliminate authentication on my MVC app that is called from asp.net forms app

    - by Mark Kadlec
    Curious what recommendations anyone has. I have an existing asp.net forms application that does a Forms Authentication and has identity impersonate turned on. The application has a link to a questionnaire that I would like to develop separately in an asp.net MVC application, but I don't want the users to click on the link and be prompted for a username and password, I would like them to be able seamless start filling out the questionnaire. Is there a way to somehow transfer authentication from one .net app to another? I would like to be able to pass stuff like UserRole. What's the best way to do this?

    Read the article

  • Connecting to Sharepoint using HttpClient

    - by Aravindan R
    I am trying to connect to a Sharepoint 2007 using HttpClient 4. The Authentication scheme is NTLM and i wrote an implementation based on this (http://hc.apache.org/httpcomponents-client-ga/ntlm.html). When i try to connect supplying NTCredentials (username,password,host & domain), i get a 500 error saying "The requested function is not supported". I am trying to understand this error. Does anyone know what this error is? and Why is this occuring? Thanks

    Read the article

  • What frameworks should we consider for a custom web application?

    - by justkevin
    A client is looking for a custom web application, which will eventually include lots of interconnected components, but the main features are: Subscription based membership as well as virtual/digital product sales Members have their own public web cookie-cutter directories (e.g., storefronts, pages, etc.) and personal member admin area. Site administrators will need both common tools (member admin, password changes, etc.) and custom tools that can be readily developed or integrated with 3rd party solutions. What frameworks should we be looking at? PHP/MySQL is preferable unless something really outstanding is available in another stack.

    Read the article

  • Web Form based login in Java

    - by BrunoLM
    How can I block access to the site if a user is not logged in? Under web.xml Security I checked Form authentication then I selected Login and Error page, but I don't know how to block the access and redirect the user to the login page. Do I need a filter? If so, how can I get the login url I specified? And how should I call the validation method? I saw in some examples this code <form method=post action="j_security_check"> <input type="text" name="j_username" /> <input type="password" name="j_password" /> </form> What does it do?

    Read the article

  • Need to copy remotely hosted file via Shell Command

    - by pnm123
    There is a file that hosted remotely on a server that is not supporting Shell Access. I bought a new server that supports Shell Access so now I want to copy a file that is on the non-supporting server to new server via a Shell Command using Putty. File url is like this http://www.domain.com/file.gzip and it is username/password protected. To be more specific, I want to copy a backup of a home directory from cPanel to my new server via Shell command. I have done this few months ago but I don't remember it now and also I failed to Google it.

    Read the article

  • C# How to download files from FTP Server

    - by user3696888
    I'm trying to download a file (all kinds of files, exe dll txt etc.). And when I try to run it an error comes up on: using (FileStream ws = new FileStream(destination, FileMode.Create)) This is the error message: Access to the path 'C:\Riot Games\League of Legends\RADS\solutions \lol_game_client_sln\releases\0.0.1.41\deploy'(which is my destination, where I want to save it) is denied. Here is my code void download(string url, string destination) { FtpWebRequest request = (FtpWebRequest)WebRequest.Create(url); request.Method = WebRequestMethods.Ftp.DownloadFile; request.Credentials = new NetworkCredential("user", "password"); request.UseBinary = true; using (FtpWebResponse response = (FtpWebResponse)request.GetResponse()) { using (Stream rs = response.GetResponseStream()) { using (FileStream ws = new FileStream(destination, FileMode.Create)) { byte[] buffer = new byte[2048]; int bytesRead = rs.Read(buffer, 0, buffer.Length); while (bytesRead > 0) { ws.Write(buffer, 0, bytesRead); bytesRead = rs.Read(buffer, 0, buffer.Length); } } } }

    Read the article

  • Google App Engine says "Must authenticate first." while trying to deploy any app

    - by Oleksandr Bolotov
    Google App Engine says "Must authenticate first." while trying to deploy any app: me@myhost /opt/google_appengine $ python appcfg.py update ~/sda2/workspace/lyapapam/ Application: lyapapam; version: 1. Server: appengine.google.com. Scanning files on local disk. Scanned 500 files. Scanned 1000 files. Initiating update. Email: <my_email_was_here>@gmail.com Password for <my_email_was_here>@gmail.com: Error 401: --- begin server output --- Must authenticate first. --- end server output --- We are getting this message with any appliation and under any developer account avialable to us That's what we have installed: App Engine SDK - 1.3.2 PIL - 1.1.7 Python - 2.5.5 pip - 0.6.3 ssl - 1.15 wsgiref - 0.1.2 How can I fix it? Is it well known problem?

    Read the article

  • What is the best way to keep database data encrypted with user passwords?

    - by Dan Sosedoff
    Let's say an application has really specific data which belongs to a user, and nobody is supposed to see it except the owner. I use MySQL database with DataMapper ORM mapper. The application is written in Ruby on Sinatra. Application behavior: User signs up for an account. Creates username and password. Logs into his dashboard. Some fields in specific tables must be protected. Basically, I'm looking for auto-encryption for a model properties. Something like this: class Transaction include DataMapper::Resource property :id, Serial property :value, String, :length => 1024, :encrypted => true ... etc ... belongs_to :user end I assume that encryption/decryption on the fly will cause performance problems, but that's ok. At least if that works - I'm fine. Any ideas how to do this?

    Read the article

  • Stored procedure does not return data if executed from VBA

    - by Sam
    I had stored procedure MySPOld in Sybase db. I created new sp MySP. This new sp returns data while executed from Sybase Sql Advantage. But not returning the data when called from VBA - Excel 2003 (EOF property of recordset is True). Here is my code.. Dim dbCon As ADODB.Connection Dim rstTemp As New ADODB.Recordset Dim query As String query = "exec MySP '01/01/2010', '01/14/2010'" dbCon.Open connectionString, "username" "password" dbCon.CommandTimeout = 300 rstTemp.Open query, dbCon, adOpenForwardOnly The code was working well with old sp. What could be the problem ? any idea ? Thanks in Advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 431 432 433 434 435 436 437 438 439 440 441 442  | Next Page >