Search Results

Search found 15110 results on 605 pages for 'master password'.

Page 59/605 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66 | Next Page >

Hot to trigger saved password autofill in browsers?

- by Aleksander Kmetec

I have a web application written in pure JavaScript (no pre-generated HTML except for the document which loads all the JS files). This app contains a login form which is created dynamically when the document.ready event event is triggered. I trick the browser into displaying the "Remember password?" dialog by posting the login form into a hidden iframe before logging in using ajax (in Firefox the password appears on the saved password list, so this part obviously works) but saved passwords never get filled in after the login screen is loaded again at a later time. The same thing happens in Firefox and Safari. Is there something I can do or some function I can call to trigger autofill?

Read the article
Facebook Connect and Hash Password Encryption

- by JamesStrocel

I'm trying to integrate a Zen Cart site with Facebook Connect. So far, I've been able to get Zen Cart to recognize that the user has a facebook account and is logged in, but that's it. True authentication into Zen Cart eludes me because I can't figure out where a password could be stored and how to get it to Zen Cart to be compared with the password hash. I know Facebook Connect has been implemented with webapps that have such passwords like wordpress, so I know there must be a way to do it. Is the password stored in a cookie? In the Facebook application itself? Any help would be appreciated, even if it's just a place to start searching.

Read the article
Django, ModelForms, User and UserProfile - not hashing password

- by IvanBernat

I'm trying to setup a User - UserProfile relationship, display the form and save the data. When submitted, the data is saved, except the password field doesn't get hashed. Additionally, how can I remove the help_text from the username and password (inherited from the User model)? Full code is below, excuse me if it's too long. Models.py USER_IS_CHOICES = ( ('u', 'Choice A'), ('p', 'Choice B'), ('n', 'Ninja'), ) class UserProfile(models.Model): user = models.ForeignKey(User, unique=True) user_is = models.CharField(max_length=1, choices=USER_IS_CHOICES) Forms.py class UserForm(forms.ModelForm): class Meta: model = User fields = ["first_name", "last_name", "username", "email", "password"] def clean_username(self): username = self.cleaned_data['username'] if not re.search(r'^\w+$', username): raise forms.ValidationError('Username can contain only alphanumeric characters') try: User.objects.get(username=username) except ObjectDoesNotExist: return username raise forms.ValidationError('Username is already taken') class UserProfileForm(forms.ModelForm): class Meta: model = UserProfile fields = ['user_is'] Views.py if request.method == 'POST': uform = UserForm(request.POST) pform = UserProfileForm(request.POST) if uform.is_valid() and pform.is_valid(): user = uform.save() profile = pform.save(commit = False) profile.user = user profile.save() return HttpResponseRedirect('/') else: uform = UserForm() pform = UserProfileForm() variables = RequestContext(request, { 'uform':uform, 'pform':pform }) return render_to_response('registration/register.html', variables)

Read the article
How to trigger saved password autofill in browsers?

- by Aleksander Kmetec

I have a web application written in pure JavaScript (no pre-generated HTML except for the document which loads all the JS files). This app contains a login form which is created dynamically when the document.ready event event is triggered. I trick the browser into displaying the "Remember password?" dialog by posting the login form into a hidden iframe before logging in using ajax (in Firefox the password appears on the saved password list, so this part obviously works) but saved passwords never get filled in after the login screen is loaded again at a later time. The same thing happens in Firefox and Safari. Is there something I can do or some function I can call to trigger autofill? UPDATE: autofill works in Safari on initial page load, but not when user logs out and the login form is recreated without a page reload. In Firefox it never works.

Read the article
Authlogic Multiple Password Validation

- by Hock

Hello, I'm using Authlogic to manage my user sessions. I'm using the LDAP add-on, so I have the following in my users model acts_as_authentic do |c| c.validate_password_field = false end The problem is that recently I found out that there will be some users inside the application that won't be part of the LDAP (and can't be added!). So I would need to validate SOME passwords against the database and the others against the LDAP. The users whose password will be validated against the database will have an specific attribute that will tell me that that password will be validated in my database. How can I manage that? Is it possible that the validate_password_field receives a "variable"? That way I could create some method that will return true/false depending on where the password validation will be done? Thanks! Nicolás Hock Isaza

Read the article
Ruby fixtures error with password column

- by user347998

I am trying to load a fixture for my tests which has a password column (binary datatype). The tool i am using uses EzCrypto gem for encrypting and decrypting passwords before they are stored/retrieved. Now if my column is binary i thought rails would automatically store the password as encrypted - but all i get is: 1) Error: test_is_working(FirstTest): RuntimeError: Failed to decode the field. Incorrect key? /Library/Ruby/Gems/1.8/gems/mislav-will_paginate-2.3.11/lib/will_paginate/finder.rb:170:in method_missing' unit/first_test.rb:8:insetup' 2) Error: test_sanity(FirstTest): RuntimeError: Failed to decode the field. Incorrect key? unit/first_test.rb:8:in `setup' Fixture file looks like this: first_hussle: type: FirstAccount user: jsewq username: [email protected] password: 'abc123' any clues?

Read the article
shadow password

- by LinuxGeek

I'm trying to compare shadow password with php cli but not work ! i use this function so i can create password like shadow function shadow ($input){ for ($n = 0; $n < 9; $n++){ $s .= chr(rand(64,126)); } $seed = "$1$".$s."$"; $return = crypt($input,$seed); return $return; } when i replace the result in shadow it's work with the password but it's have different character how i can compare it . thanks

Read the article
Ruby PTY.spawn is Hanging - How to fill out Email and Password in simple example

- by viatropos

After asking this question, it looks like I need to use Ruby's PTY Module, of which there is no documentation. I have written this code to try to push content to Google App Engine because the python command sometimes asks me for my username and password. But when I run this code, it just hangs. cmd = "appcfg.py update cdn" PTY.spawn("#{cmd} 2>&1") do | input, output, pid | begin input.expect("Email:") do output.write("#{credentials[:username]}\n") end input.expect("Password:") do output.write("#{credentials[:password]}\n") end rescue Exception => e puts "GAE Error..." end end What am I missing here? How can I get this to work?

Read the article
URL Encoding of Characters in a password field

- by Alavoil

I am trying to pass login credentials to a PHP script that I have in my iPhone app. When I pull a password with special characters the password is missing certain characters especially the percent sign. I am trying to encode the text but even before I send it, the percent sign is missing. //password_field is a UITextField holding the password: !@#$%^&*() NSString *tmpPass = [password_field.text stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]; NSLog(p_field.text); NSLog(tmpPass); This is what appears in the console: !@#$^&*() [email protected]&*() Is there any reason why it would be dropping the percent sign?

Read the article
comparing salt and hashed passwords during login doesn't seem work right....

- by Pandiya Chendur

I stored salt and hash values of password during user registration... But during their login i then salt and hash the password given by the user, what happens is a new salt and a new hash is generated.... string password = collection["Password"]; reg.PasswordSalt = CreateSalt(6); reg.PasswordHash = CreatePasswordHash(password, reg.PasswordSalt); These statements are in both registration and login.... salt and hash during registration was eVSJE84W and 18DE22FED8C378DB7716B0E4B6C0BA54167315A2 During login it was 4YDIeARH and 12E3C1F4F4CFE04EA973D7C65A09A78E2D80AAC7..... Any suggestion.... public static string CreateSalt(int size) { //Generate a cryptographic random number. RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] buff = new byte[size]; rng.GetBytes(buff); // Return a Base64 string representation of the random number. return Convert.ToBase64String(buff); } public static string CreatePasswordHash(string pwd, string salt) { string saltAndPwd = String.Concat(pwd, salt); string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile( saltAndPwd, "sha1"); return hashedPwd; }

Read the article
Looking for a safe, portable password-storage method

- by Maciek

Hello, I'm working on C++ project that is supposed to run on both Win32 and Linux, the software is to be deployed to small computers, usually working in remote locations. Recently, our client has requested that we introduce access control via password protection. We are to meet the following criteria : Support remote login Support remote password change Support remote password retrieval Support data retrieval on accidental/purposeful deletion Support secure storage I'm capable of meeting the "remote" requirements using an existing library, however what I do need to consider is a method of storing this data, preferably in a way that will work on both platforms and will not let the user see it/read it, encryption is not the issue here - it's the storage method itself. Can anyone recommend a sage storage method that could help me meet those criteria?

Read the article
protect (encrypt) password in the web.config file (asp.net)

- by Hazro City

<system.net> <mailSettings> <smtp from="[email protected]" deliveryMethod="Network"> <network clientDomain="www.domain.com" host="smtp.live.com" defaultCredentials="false" port="25" userName=" [email protected] " password="password" enableSsl="true" /> </smtp> </mailSettings> </system.net> This is the case where I need encryption for my password. I searched and googled much on the web but I can’t be able to encrypt anymore. Can anyone help me do this in a simple but secure way.

Read the article
does it make sense to send password information during email communication from websites

- by Samuel

Most of the online sites on registration do send a link to activate the site and on any further correspondence with the end user they provide information about the site and also provide the login credentials with password in clear text (as given below) Username - [email protected] Password - mysecretpassword What would you do in such a case? From a usability perspective does it make sense to send the password information in clear text or should you just avoid sending this information. I was under the impression that most of the passwords are MD5 hashed before storing in the database and hence the service provider will not have any access to clear text passwords, is this a security violation?

Read the article
remember passowrd works in ff but not in ie and chrome

- by jasperdejong

Hi, It seems that my html login form support remember password in ff but not in ie and chrome. Can anybody tell me why? Here's the code: <form name="login_form" id="login_form" action="" method="POST"> <div class="login_line">name<input name="user_name" id="user_name_id" size="16" maxlength="16" value="" type="text"></div> <div class="login_line">password<input name="password" id="password_id" size="16" maxlength="16" type="password"></div> <div class="login_line"> <input class="icon icon_accept" value="login" onclick="javascript:handleFunction('action_login', document.getElementById('user_name_id').value, document.getElementById('password_id').value); return false;" type="submit"></div> </form> 

Read the article
Git 1.7.10 asks me for github username and password

- by Daniel Ruf

Since I have the new version it doesnt ask me anymore for the password I set in my ssh key file. It asks now directly for a github username and password when I push every time. Is this a new feature of git or changed it in the past or is there something what changed on github? I tried to authenticate using ssh and the email and password from my ssh ke file and it worked. Github changed to smartftp and also changed the instructions for setting up repos https://github.com/blog/1104-credential-caching-for-wrist-friendly-git-usage https://help.github.com/articles/create-a-repo Saw it later, they use now https instead of the git protocol

Read the article
can't make svn store password, even though the configuration allows it

- by davka

did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

Read the article
Security issues in accepting passwords vs auto generating the password

- by Vivekanand Poojari

Hi, I am developing a console application. This application generates a self signed certificate and installs it in the current machine's certificate store. The steps invlolved are :- Generate a certificate Create a pfx file Install the pfx file For these steps i would need a password for protecting the private key and the pfx file. However these passwords are used only during the execution of the exe. Should I auto generate a password using some random number generation algorithm or accept the password as input from the user? What are the security issues involved in both the scenarios ? Thanks Vivekanand

Read the article
password/login system in php

- by Jonathan

For a login system in php would this be a suitable outline of how it would work: users types in username and password, clicks login button. Checks if user exists in database, if it does, then retrieve the salt for that user hash the password and salt (would this be done on the client or server side? I think client side would be better, but php is server side so how would you do this?) check value against value in database, if the values match then user has typed in correct password and they are logged in.

Read the article
can't make svn store password, even though the configuration is set to allow it

- by davka

did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

Read the article
Hash passwords before transmitting? (web)

- by wag2639

I was reading this Ars article on password security and it mentioned there are sites that "hash the password before transmitting"? Now, assuming this isn't using an SSL connection (HTTPS), a. is this actually secure and b. if it is how would you do this in a secure manor? Edit 1: (some thoughts based on first few answers) c. If you do hash the password before transmission, how do you use that if you only store a salted hash version of the password in your user credentials databas? d. Just to check, if you are using a HTTPS secured connection, is any of this necessary?

Read the article
password limitations in SQL Server and MySql

- by asteroid

Does MySql 5.1 and SQL Server 2008 (Web edition, Standard) have any functional password limitations other than length limits? Are metacharacters in any form a bad idea to use, like bang, pipe, hash, any slash, carrot, and so on? I know that MySql 5.1 has a password length limitation of 16 characters that is hardcoded, but I was wondering, are any metacharacters (i.e. non alphanumerics) a bad idea to use? And is this true in SQL Server 2008 Web edition, Standard? So specifically: can symbols like: /`~:}{[]^ be used successfully? I would hope it doesn't matter to the database, but I don't understand enough about password storage in enterprise database systems yet to know for sure, and I was looking for confirmation or an explanation.

Read the article
how to use git rebase to clean up a convoluted history

- by lsiden

After working for several weeks with a half dozen different branches and merges, on both my laptop and work and my desktop at home, my history has gotten a bit convoluted. For example, I just did a fetch, then merged master with origin/master. Now, when I do git show-branches, the output looks like this: ! [login] Changed domain name. ! [master] Merge remote branch 'origin/master' ! [migrate-1.9] Migrating to 1.9.1 on Heroku ! [rebase-master] Merge remote branch 'origin/master' ---- - - [master] Merge remote branch 'origin/master' + + [master^2] A bit of re-arranging and cleanup. - - [master^2^] Merge branch 'rpx-login' + + [master^2^^2] Commented out some debug logging. + + [master^2^^2^] Monkey-patched Rack::Request#ip + + [master^2^^2~2] dump each request to log .... I would like to clean this up with a git rebase. I created a new branch, rebase-master, for this purpose, and on this branch tried git rebase <common-ancestor>. However, I have to resolve many conflicts, and the end result on branch rebase-master no longer matches the corresponding version on master, which has already been tested and works! I thought I saw a solution to this somewhere but can't find it anymore. Does anyone know how to do this? Or will these convoluted ref names go away when I start deleting un-needed branches that I have already merged with? I am the sole developer on this project, so there is no one else who will be affected.

Read the article
puppet cert mismatch in ec2

- by Stick

I'm setting up a puppetmaster (2.7.6) in ec2 via gems (on rhel6) and I'm running into problems with the cert names and getting the master able to talk to itself. my puppet.conf looks like this: [main] logdir = /var/log/puppet rundir = /var/run/puppet vardir = /var/lib/puppet ssldir = $vardir/ssl pluginsync = true environment = production report = true certname = master When I start the puppetmaster process the ssl directory looks like: ssl/private_keys/master.pem ssl/crl.pem ssl/public_keys/master.pem ssl/ca/ca_crl.pem ssl/ca/signed/master.pem ssl/ca/ca_crt.pem ssl/ca/ca_pub.pem ssl/ca/ca_key.pem ssl/certs/ca.pem ssl/certs/master.pem I have an /etc/hosts entry on the box to point the 'puppet' hostname to localhost so that I don't have to change the 'server' option. When I run the agent I get the following: # puppet agent --test info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate: Server hostname 'puppet' did not match server certificate; expected master err: /File[/var/lib/puppet/lib]: Could not evaluate: Server hostname 'puppet' did not match server certificate; expected master Could not retrieve file metadata for puppet://puppet/plugins: Server hostname 'puppet' did not match server certificate; expected master err: Could not retrieve catalog from remote server: Server hostname 'puppet' did not match server certificate; expected master warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: Server hostname 'puppet' did not match server certificate; expected master If I specify the certname as the server (with corresponding hosts entry) I get: # puppet agent --test --server master info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve information from environment production source(s) puppet://master/plugins info: Caching catalog for master info: Applying configuration version '1321805956' notice: Finished catalog run in 0.05 seconds Which is success of a sort, that source error will bite me later when I'm applying manifests. I've tried a couple of other variations with using the ec2 private hostname and gotten mixed results. I'd like to avoid setting server = 'x' and use dns/hosts to control what 'puppet' resolves to in order to decide which server (plays easier with availability zones, etc)

Read the article
ASP.NET MVC Create dynamic navigation sub-menu on the master page

- by Michael Narinsky

I'm trying to create an ASP.NET MVC master page so the site navigation on it will look like this: Main Menu:Home | About | News Sub Menu: Home_Page1 | Home_Page2 The Sub Menu section should always show sub-menu for the currently selected Main Menu page (on the example above 'Home' page is selected) unless a user hovers the mouse on another Main Menu item (then it shows that item's sub-menu instead). What is the best way to get such functionality in ASP.NET MVC?

Read the article
Change the width of Master in UISplitViewController

- by Raj

Hi, The iPad programming guide says that the splitView's left pane is fixed to 320 points. But 320 pixels for my master view controller is too much. I would like to reduce it and give more space to detail view controller. Is it possible by anyway? Edit: Link to the document which speaks about fixed width - http://developer.apple.com/iphone/library/documentation/General/Conceptual/iPadProgrammingGuide/UserInterface/UserInterface.html#//apple_ref/doc/uid/TP40009370-CH3-SW1 Thanks and Regards, Raj

Read the article

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66 | Next Page >