Search Results

Search found 4220 results on 169 pages for 'generating passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 46/169 | < Previous Page | 42 43 44 45 46 47 48 49 50 51 52 53  | Next Page >

  • Server authorization with MD5 and SQL.

    - by Charles
    I currently have a SQL database of passwords stored in MD5. The server needs to generate a unique key, then sends to the client. In the client, it will use the key as a salt then hash together with the password and send back to the server. The only problem is that the the SQL DB has the passwords in MD5 already. Therefore for this to work, I would have to MD5 the password client side, then MD5 it again with the salt. Am I doing this wrong, because it doesn't seem like a proper solution. Any information is appreciated.

    Read the article

  • How do I correctly model data in SQL-based databases that have some columns in common, but also have

    - by Brandon Weiss
    For instance, let's say I have a User model. Users have things like logins, passwords, e-mail addresses, avatars, etc. But there are two types of Users that will be using this site, let's say Parents and Businesses. I need to store some different information for the Parents (e.g. childrens' names, domestic partner, salaries, etc.) than for the Businesses (e.g. industry, number of employees, etc.), but also some of it is the same, like logins and passwords. How do I correctly structure this in a SQL-based database? Thanks!

    Read the article

  • default webmail url workaround

    - by jan
    Hi, Is there a way or at least a workaround on masking default webmail urls or disabling access webmail urls so users will not be able to change their passwords? Website is PHP based and is using apache server under a shared hosting account. The thing is that http://domain.com/webmail will let users access the main panel where they can change their individual passwords. We do not need this. Most solutions point to changing httpd.conf which we are not allowed to change since this is on a shared hosting service. I'm looking for at least a workaround to this issue. How about disabling it through their browsers if my client is under a network server, this would be a decent workaround isn't it? or are there any more suggestions aside from this? Please help. This is my urgent issue. Thank you very much!

    Read the article

  • How to change ldap password using zend

    - by NAVEED
    I am working with zend framework, PHP , Ldap on Ubuntu. I am authenticating users from ldap using zend library. Now I want to change user's ldap passwords using zend. Any Idea? This is the method that I am using to get zend authentication adapter. It is working perfectly and users are authenticated using this adapter. public function getAuthAdapter(array $params) { $front = Zend_Controller_Front::getInstance(); $options = $front->getParam('bootstrap')->getOption('ldap'); $params['username'] = split( "@" , $params['username'] ); $username = 'cn=' . $params['username'][0] . ',' . $options['server1']['baseDn']; $adapter = new Zend_Auth_Adapter_Ldap( $options, $username, $params['password']); $adapter->setIdentity( $params['username'] ); $adapter->setCredential( $params['password'] ); return $adapter; } Now how to change ldap passwords? Thanks

    Read the article

  • How to version control config files pragmatically?

    - by erenon
    Suppose we have a config file with sensitive passwords. I'd like to version control the whole project, including the config file as well, but I don't want to share my passwords. That could be good, if this config file: password=secret foo=bar becomes password=* foo=bar and the other users of the vcs could also set up the password on they own. To ignoring the file isn't a good approach, the developers should be aware, if the config file changes. Example: Local version: password=own_secret foo=bar config file in vcs: password=* foo=bar Then suddenly, the config file changes: password=* foo=bar baz=foo And the local version would become for each developer: password=own_secret foo=bar baz=foo This is my solution. How could I achieve this behaviour? How do you store your config files? Is there a way to do that, or should I hack something?

    Read the article

  • The Definitive Guide To Website Authentication (beta)

    - by Michiel de Mare
    Form Based Authentication For Websites Please help us create the definitive resource for this topic. We believe that stackoverflow should not just be a resource for very specific technical questions, but also for general guidelines on how to solve variations on common problems. "Form Based Authentication For Websites" should be a fine topic for such an experiment. It should include topics such as: how to log in how to remain logged in how to store passwords using secret questions forgotten password functionality OpenID "Remember me" checkbox Browser autocompletion of usernames and passwords secret urls (public urls protected by digest) checking password strength email validation and much more It should not include things like: roles and authorization http basic authentication Please help us by Suggesting subtopics Submitting good articles about this subject Editing the official answer (as soon as you have enough karma) UPDATE: See the terrific 7-part series by Jens Roland below.

    Read the article

  • What keying option does the keychain use?

    - by Rudiger
    I have read into the keychain and have found that it uses Triple DES. What I can't find is what keying option it uses. I am guessing / hoping that its keying option 1 where all 3 passwords are unique but if thats the case I can only think of two passwords it can use (user password and App ID that comes from your dev cert) so where is the third coming from? Is it a key private to Apple? If its keying option 2 (first and third key are the same) it might not be secure enough for our company to rely on. Although that might sound paranoid I have to justify to our security department that it is secure enough.

    Read the article

  • How can I make an expect script prompt for a password?

    - by MiniQuark
    I have an expect script that connects to a few routers through ssh. All these routers have the same password (I know, it's wrong), and the script needs to know that password in order to be able to connect to the routers. Currently, the password is passed to my script as an argument on the command line, but this means that there's a trace of that password in my .bash_history file as well as in the running processes. So instead I would like the user to be prompted for a password, if possible silently. Do you know whether or not it's possible to prompt the user for a password with expect? Thank you. Edit: if I was connecting to servers instead of routers, I would probably use ssh keys instead of passwords. But the routers I'm using just support passwords.

    Read the article

  • Restart nginx without sudo?

    - by tesmar
    So I want to be able to cap:deploy without having to type any passwords. I have setup all private keys so I can get to the remote servers fine, and am now using svn over ssh, so no passwords there. I have one last problem, I need to be able to restart nginx. Right now I have sudo /etc/init.d/nginx reload. That is a problem b/c it uses the capistrano password, the one I just removed b/c I am using keys. Any ideas on how to restart nginx w\out a password?

    Read the article

  • PHP SQL Form Insert

    - by Prateek Sachan
    I've developed a form that inserts many things into the database. But somehow, when the page is filled up; it inserts only the user_password that too of the database admin. here is the code. Any help would be great. Invalid Name: We want names with more than 3 letters. Invalid E-mail: Type a valid e-mail please. Passwords are invalid: Passwords doesnt match or are invalid! Please enter your contact number. Please enter your age Congratulations! All fields are OK ;)

    Read the article

  • SHA1CryptoServiceProvider changed in .NET 4

    - by WebDude
    I am currently trying to upgrade a project of mine from .NET 3.5 to .NET 4.0 Everything was going really well, all code compiled, all tests passed. Then I hit a problem deploying to my stagomg environment. Suddenly my logins were no longer working. It seems my SHA1 hashed passwords are being hashed differently in .NET 4. I am using the SHA1CryptoServiceProvider: SHA1CryptoServiceProvidercryptoTransformSHA1 = new SHA1CryptoServiceProvider(); To test I created a new Visual Studio project with 2 console applications. The first targeted at .NET Framework 3.5 and the second at 4.0. I ran exactly the same hashing code in both and different results were produced. Why is this happening and how can I fix this? I obviously cannot go update all of my users passwords considering I do not know what they are. Any help would be greatly appreciated.

    Read the article

  • Using the MySql ASP.NET membership provider with existing users

    - by ScottBelchak
    I have been tasked with migrating an existing mature ASP.NET 2.0 web site to NHibernate, Mono and MySQL or postgres. I am somewhat confused as how the membership provider salts the passwords. If I make the switch and use the MySQL membership provider (outlined in this question) or AspSqlProvider, will the existing users be able to login? I guess it would be easier for me to ask: How the hell do I get access to the encryption key used by the ASP.NET membership provider that salts the passwords so that I can use the same one in a third party provider?

    Read the article

  • How to prompt for username and password entry in C# / SQL ASP.NET web app?

    - by salvationishere
    How do I prompt for username and password in my C#/SQL web application? This was developed in VS 2008 on a 32-bit XP. The current connection string I'm using in my web.config file is: <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=false; " providerName="System.Data.SqlClient" /> When I select Basic Authentication it pops up the warning: "The authentication option you have chosen results in passwords being sent over the network without data encryption..." How do I choose this authentication method and still send passwords over securely? So essentially I am looking for the most secure authentication method but that still requires users to input password?

    Read the article

  • It's not just “Single Sign-on” by Steve Knott (aurionPro SENA)

    - by Greg Jensen
    It is true that Oracle Enterprise Single Sign-on (Oracle ESSO) started out as purely an application single sign-on tool but as we have seen in the previous articles in this series the product has matured into a suite of tools that can do more than just automated single sign-on and can also provide rapidly deployed, cost effective solution to many demanding password management problems. In the last article of this series I would like to discuss three cases where customers faced password scenarios that required more than just single sign-on and how some of the less well known tools in the Oracle ESSO suite “kitbag” helped solve these challenges. Case #1 One of the issues often faced by our customers is how to keep their applications compliant. I had a client who liked the idea of automated single sign-on for most of his applications but had a key requirement to actually increase the security for one specific SOX application. For the SOX application he wanted to secure access by using two-factor authentication with a smartcard. The problem was that the application did not support two-factor authentication. The solution was to use a feature from the Oracle ESSO suite called authentication manager. This feature enables you to have multiple authentication methods for the same user which in this case was a smartcard and the Windows password.  Within authentication manager each authenticator can be configured with a security grade so we gave the smartcard a high grade and the Windows password a normal grade. Security grading in Oracle ESSO can be configured on a per application basis so we set the SOX application to require the higher grade smartcard authenticator. The end result for the user was that they enjoyed automated single sign-on for most of the applications apart from the SOX application. When the SOX application was launched, the user was required by ESSO to present their smartcard before being given access to the application. Case #2 Another example solving compliance issues was in the case of a large energy company who had a number of core billing applications. New regulations required that users change their password regularly and use a complex password. The problem facing the customer was that the core billing applications did not have any native user password change functionality. The customer could not replace the core applications because of the cost and time required to re-develop them. With a reputation for innovation aurionPro SENA were approached to provide a solution to this problem using Oracle ESSO. Oracle ESSO has a password expiry feature that can be triggered periodically based on the timestamp of the users’ last password creation therefore our strategy here was to leverage this feature to provide the password change experience. The trigger can launch an application change password event however in this scenario there was no native change password feature that could be launched therefore a “dummy” change password screen was created that could imitate the missing change password function and connect to the application database on behalf of the user. Oracle ESSO was configured to trigger a change password event every 60 days. After this period if the user launched the application Oracle ESSO would detect the logon screen and invoke the password expiry feature. Oracle ESSO would trigger the “dummy screen,” detect it automatically as the application change password screen and insert a complex password on behalf of the user. After the password event had completed the user was logged on to the application with their new password. All this was provided at a fraction of the cost of re-developing the core applications. Case #3 Recent popular initiatives such as the BYOD and working from home schemes bring with them many challenges in administering “unmanaged machines” and sometimes “unmanageable users.” In a recent case, a client had a dispersed community of casual contractors who worked for the business using their own laptops to access applications. To improve security the around password management the security goal was to provision the passwords directly to these contractors. In a previous article we saw how Oracle ESSO has the capability to provision passwords through Provisioning Gateway but the challenge in this scenario was how to get the Oracle ESSO agent to the casual contractor on an unmanaged machine. The answer was to use another tool in the suite, Oracle ESSO Anywhere. This component can compile the normal Oracle ESSO functionality into a deployment package that can be made available from a website in a similar way to a streamed application. The ESSO Anywhere agent does not actually install into the registry or program files but runs in a folder within the user’s profile therefore no local administrator rights are required for installation. The ESSO Anywhere package can also be configured to stay persistent or disable itself at the end of the user’s session. In this case the user just needed to be told where the website package was located and download the package. Once the download was complete the agent started automatically and the user was provided with single sign-on to their applications without ever knowing the application passwords. Finally, as we have seen in these series Oracle ESSO not only has great utilities in its own tool box but also has direct integration with Oracle Privileged Account Manager, Oracle Identity Manager and Oracle Access Manager. Integrated together with these tools provides a complete and complementary platform to address even the most complex identity and access management requirements. So what next for Oracle ESSO? “Agentless ESSO available in the cloud” – but that will be a subject for a future Oracle ESSO series!                                                                                                                               

    Read the article

  • Ecryptfs: lost passphrase

    - by Sherlock3890
    When i mounted some dir by mount -t ecryptfs private data i entered wrong password. I wrote data in this dir and now i can't mount it. I have no valid password and passphrase (know only the same), but have SIG in /root/.ecryptfs/sig-cache.txt. How i can recover my directory or, at least, "brute it": type many-many passwords like entered when mounting this dir and compare generated sig with existing?

    Read the article

  • Not able to add PC and synchronise files with Ubuntu One

    - by Ryan Hawthorne
    I have tried to add my PC to my Ubuntu One account 3 or 4 times: while I log in successfully in the Ubuntu One interface (after deleting my Ubuntu One password in 'passwords'), my folders don't give me an option to synchronise. I don't get the pink bar saying 'these folders cannot be synchronised'; I get nothing at all, no option. The second time I tried it seemed to work – but then it stopped working again.

    Read the article

  • What should you leave behind for your successors?

    - by SnOrfus
    Assume that you're a sole developer leaving a job. What kind of information/material, outside of the code itself, should you create and leave behind for your replacement? An obvious answer is "whatever you would want at a new job" for sure, but it's been a while since I started a new job, and I forget what the most important things that I needed were back then. I'm thinking: accounts/passwords location of equpiment What else?

    Read the article

  • Credential Error when launching Ubuntu One

    - by user85997
    I encountered the following error when I launch "Ubuntu One" client: CredentialsError DBusException(dbus.String(u'Process /usr/lib/ubuntu-sso-client/ubuntu-sso-login exited with status 1'),) I read some FAQ about how to reinstall the "Ubuntu One" client. But one of the step about "Password and Encryption", I face this issue. I can't seem to find Applications-Accessories-Passwords and Encryption Keys on my Ubuntu 12.04 PC. Anyone can help, pls?

    Read the article

  • What should you leave behind for your successors?

    - by SnOrfus
    Assume that you're a sole developer leaving a job. What kind of information/material, outside of the code itself, should you create and leave behind for your replacement? An obvious answer is "whatever you would want at a new job" for sure, but it's been a while since I started a new job, and I forget what the most important things that I needed were back then. I'm thinking: accounts/passwords location of equpiment What else?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 42 43 44 45 46 47 48 49 50 51 52 53  | Next Page >