Search Results

Search found 2004 results on 81 pages for 'resetting passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 6/81 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Drupal 7: One-time user account

    - by Noob
    I'm going to create a survey in Drupal 7 with the webform module, installed on a debian system which may be adapted in every way. The users (personally known, approx. 120) doing that survey will walk into a room and complete the survey in browsers on different computers. After that, they'll leave the room and other persons will enter, complete the survey on the same computers and so on. Each user may enter only one submission. The process needs to be anonymous, i. e. I mustn't have any idea of who did wich submission. My current solution is to generate random one-time-passwords and hand out one password per user (without noting who got which password). Within the survey there will be a password field where the one-time-password is entered. The value is checked by webform to be unique. I'll get the data via csv or Excel and verify the passwords manually in excel by comparing them to the list of valid passwords. The problem is: I don't like the idea of manually generating the password list, copying it to excel and doing a manual check. That's a good idea for one-time-use, but we're going to repeat the survey every once in a while. I'd rather generate one-time-logins (like user0001/fdlkjewf, user0002/dfrefnnr, ...) for each survey, hand them out to the users and let drupal/debian/whatever check whether a submission is valid or not. Do you have any idea how to batch-generate about 120 users with one-time-passwords in Drupal 7 and verify that each user may submit the form only once? Do you even have a better idea how to accomplish the task within the intranet? Thank you for your help.

    Read the article

  • Self-Resetting Power Strips?

    - by Justin Scott
    We are about to deploy a number of secure kiosks into an environment where they may be prone to lightning strikes and power surges on a somewhat regular basis (southern Florida in a place where the existing electrical infrastructure is, shall we say, a bit out of date). Ideally we would use battery backups on each system, but it's not in the budget. We plan to use a standard power strip with a circuit breaker built-in to protect the computers, but management has asked if there is a power strip that can reset itself after the breaker has been tripped. I've looked around and wasn't able to find such a beast, and it seems to me that it would probably be a safety issue for such a product to exist (e.g. if something plugged into the strip is drawing a lot of current and trips the breaker, you wouldn't want that resetting itself to prevent a possible fire). Nevertheless, if anyone has experience with such a product or can point me in the direction of something that would allow the breakers to be reset automatically or remotely (we don't want to have to send someone to each kiosk every time there is a power surge) I would appreciate any tips.

    Read the article

  • Software to store my password on a crypted file and access it through another password

    - by Fire-Dragon-DoL
    I'm looking for a software that allows me to store some passwords in something like "a text file", access it through a password, read my passwords if required and close it again. I want something really straightforward, double click on file, right click "Add new password", add password, description and close. The file must be really secure, I'll store all my passwords there. I know about some command line solutions but I want my setup to be really fast on reading. Do someone know if such a software exist and can point me in the correct direction? I would like to find it freeware, but I'm ok with some low cost tools too.

    Read the article

  • What is your favorite password storage tool?

    - by Marcel Levy
    Aside from personal passwords, I'm always juggling a number of project-specific passwords, including those for network, web and database authentication. Some authentication can be managed with ssh keys and the like, but everywhere I've worked I also faced the need for the management of passwords that need to be available to a number of different people. So what do you use, either for personal or team-based password management? Personally I'd like to hear about cross-platform tools, but I'm sure other people would be satisfied with Windows-only solutions. I know the stackoverflow podcast tackled this issue in #7 and #9, but I'm hoping we can come up with the definitive answer here. Update: Even though this question was asked before its sibling site existed, you should probably add your two cents to the more active question over at superuser, which is a more appropriate venue for this.

    Read the article

  • Why does this work: Windows same local admin username and password, able to access other computer?

    - by Ankush
    I've two machines MachineA and MachineB. Both have two local accounts which have same username . Both accounts are local admin on those machines. If they have same password, I'm able to access \\MachineA\C$ from MachineB. But if I change any one password above doesn't work. And it prompts for username and password. Now if I provide MachineA\username and password, it then connects. Why isn't there a prompt for password when passwords are same? I expected passwords to be hashed with random salt, how does windows know passwords are same and authorize access? These machines are running Windows Server 2008 R2. PS. I've created following reg key to enable drive access HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy to 1

    Read the article

  • All FireFTP passwords gone after auto-update

    - by GitaarLAB
    For the last six months (since the Firefox madness started and they keep on taking control of my PC) I'm terrified to touch Firefox. Problem is however, I've been using it in my business (since once upon a time it was a trustworthy application with useful extensions like FireFTP) and that installation (and plugins) holds four years of information. So Firefox continually deletes my important data (by) messing up (or blocking/or worse: auto-updating) my plug-ins, even crashing my computer as a result. Today Firefox killed FireFTP by (again) autoupdating FireFTP without my permission, and I did my best to disable that nonsense in about:config). Result: none of the (over 100) FireFTP accounts can be logged on to, they suddenly all ask for a password. I do not have the time to to find all of the passwords and reconfigure FireFTP again. How can I undo the mess Firefox created once again? That is, where are the passwords, how do I downgrade? As a side-question, how can I make Firefox behave again? I'm the boss of my computer, not them! How can I once and for-all take back control and completely kill every kind of auto-update feature?

    Read the article

  • MySQL stopped asking for passwords

    - by BlaM
    I'm currently experiencing a weird problem with one of my MySQL database servers: It stopped asking for passwords when I try to access the database from local with the mysql command line tool. I need a valid admin username. I also still need a password for remote access (i.e. from another IP). And I need a password when I - for example - access the database from a PHP script. But when I try to access the database from local host/commandline it will let me straight in to the data with my administrative users. They (admin users) have passwords set - and as I mentioned - I still need to specify those when I try to access the data via PHP. Changing the password didn't help. Non-Administrative users need to specify their passwort, but that doesn't really help if they can get anywhere with "mysql -u root" (or another admin user account name). (System Debian Linux Lenny, MySQL 5.0.51a) Any ideas? Anything that explains this behaviour? I don't understand how this can happen.

    Read the article

  • Weird Firefox Password Manager behavior

    - by hvtuananh
    Few days ago, I click on Most Visited, right click Facebook and select Forget about this site. Of course, all of my history, bookmarks and 6 saved passwords are gone Yesterday, I installed LassPass add-on, and only import Firefox saved password When I open Firefox, goto Facebook, all of my 6 password are appeared So, my question is, when I select Forget about this site, did Firefox remove my passwords completely?

    Read the article

  • Loosing network cached passwords after a restart on Vista

    - by Nauman
    The passwords cached for Network shares on other computers and applications like MSN Live, MS Outlook, Sharepoint portal, Outlook Webmail, etc are lost when I reboot my computer, which runs on Vista. I always check the Remember password checkbox in applications/login dialogs where ever prompted. I cannot imagine of a third party program that may clean up this on system restart/shutdown. Any idea, as to what is going wrong?

    Read the article

  • Local admin password recovery: Windows Vista

    - by Jim Dennis
    I am faced with an unsettling situation. A friend of my father's has rather suddenly become a widower. Naturally they've taken care of the bank accounts and all the normal mundane things that people have been doing for a century or so. However, she was the computer user of the household. He was aware that they had some online banking stuff and bill paying stuff ... and that she spent lots of time on FaceBook and stuff like that. However, he doesn't know what her local passwords were (actually only vaguely aware that her couple of desktop and couple of laptop system even had passwords). He's never heard of "admin" passwords so that's no good either. In the past I've used KNOPPIX and the old LinuxCare "bootable business card" to recover NT passwords. I've never done this with MS Windows Vista. So, I'm looking for the best advice on how to do this. Naturally I do have physical access to the systems (the two laptops are charging across the room from me; and her old desktop systems are, naturally, still back at his place). Getting it right is much more important than fast or easy (I don't want to mess up those filesystems and possibly lose some photos or other stuff that he or his kids or grandkids will want). (BTW: if anyone things this is some social engineering hack to play upon the sympathies of the community to get the information I'm asking for ... think about it for a minute. I know about IRC and the "warez" boards. I know I can find this stuff out there if I dig enough. I'm just asking here because it'll hopefully be faster and, secondarily to raise awareness. As more of us put more of our lives online ... as we get older and as places like FaceBook continue to widen the appeal of computing to a broader segment of older people ... we are, as computer nerds, going to see a lot more of this. Survivors will needs us to be careful, sensitive and ethically responsible as they try to recover those bits of legacy during their bereavement. I can now tell you, first hand, it sucks!)

    Read the article

  • Passwords longer than 8 letter in Red Hat 4

    - by Oz123
    I have some machines with RHEL4 Nahant Update 6. Oddly, I found that passwords longer than 8 digits are not stored. So if I had a password 1ABCDEa!, and I changed it to 1ABCDEa!1ABCDEa! I could still log in to the machine with the old password. This machines use NIS authentication, but other machines with Red Hat 5 which use the same NIS server allow login ONLY with the NEW password (16 digits long...)!

    Read the article

  • Undo clicking chrome never save password on the mac

    - by IlDan
    Sometimes you may want to undo your choice of "Never for this site" when Chrome asks if you want to save a password. But on the mac clicking on the "Show saved passwords" in the Preferences opens the Keychain Access app and you have no way to remove that site from the exceptions list. This is obviously a bug. I suppose that deleting all saved passwords will do but I don't want to delete them all. Is there any other workaround? (Chrome 6.0.472.63)

    Read the article

  • Is it possible to export saved passwords from Toad

    - by Joe Enos
    I'm looking for a way to export saved usernames/passwords from Toad for Oracle (9.5.0.31). It doesn't have to be in a usable format for importing - even a plaintext format would be fine. I believe the passwords are stored encrypted in CONNECTIONPWDS.INI, but from what I've read, that file doesn't transfer from one machine to another. There doesn't seem to be anything in the Quest site or the Yahoo groups about this, other than "That's a very good suggestion...". Has anyone had any luck accomplishing this? Or am I stuck with having to dig up the passwords for each of my accounts? Thanks

    Read the article

  • Rsync root files between systems without specifying password

    - by xpt
    This seems very tricky to me. I've set up my two systems so that I can rsync files between them as me, without specifying password. Now the the problem is to rsync files that belong to root. On both of my systems, there are no root passwords. The only way to become root is via sudo. So I can neither give a password for sudo rsyn local root@remote:, no use my ssh-agent to supply pass phrase. I don't want to set up a root password on any systems; and I do need the files to be owned by root on both systems. EDIT: Using the files that belong to root is just an example, I need a way for my unprivileged account to read/write system (including root-owned) files easily. One example is to copy my configured /root environment into the freshly-installed system. The two systems are actually two VMs under a single host, so it's not a big concern for me to copy root-owned files between them. EDIT 2: If I only want to copy my configured /root environment into the freshly-installed system, I can use tar: sudo tar cvzf - /root | ssh me@remote sudo tar xvzf - -C / But I do need rsync to update from time to time. Any easy way to make it happen? EDIT 3: Formally formulate the question Alright, it all began with the question, how to rsync files that belong to root between two systems as a normal unprivileged user, without specifying password, under the condition that, The root account is locked on both of systems. I.e., there are no root passwords. The only way to become root is via sudo (recommended security practice, see http://help.ubuntu.com/community/RootSudo) I don't want a completely passwordless sudo but don’t want to be typing passwords all the time either. The normal unprivileged user has entered their ssh pass phrase into the ssh agent. Thanks

    Read the article

  • SASL (Postfix) authentication with MySQL and Blowfish pre-encrypted passwords

    - by webo
    I have a Rails app with the Devise authentication gem running user registration and login. I want to use the db table that Devise populates when a user registers as the table that Postfix uses to authenticate users. The table has all the fields that Postfix may want for SASL authentication except that Devise encrypts the password using Blowfish before placing it in the database. How could I go about getting Postfix/SASL to decrypt those passwords so that the user can be authenticated properly? Devise salts the password so I'm not sure if that helps. Any suggestions? I'd likely want to do something similar with Dovecot or Courier, I'm not attached to one quite yet.

    Read the article

  • LastPass Now Monitors Your Accounts for Security Breaches

    - by Jason Fitzpatrick
    Staying on top of security breaches and how they may or may not affect you is time consuming. Sentry, a new and free addition to the LastPass password management tool, automates the process and notifies you of breaches. In response to all the recent and unfortunate high-profile security breaches LastPass has rolled out Sentry–a tool that monitors breach lists to notify you if your email appears in a list of breached accounts. The lists are supplied by PwnedList, a massive database of security breach data, and securely indexed against your accounts within the LastPass system. If there is a security breach and your email is on the list, you’ll receive an automated email notice indicating which website was compromised and that your email address was one of the positive matches from the breach list. LastPass Sentry is a free feature and, as of yesterday, is automatically activated on all Free, Premium, and Enterprise level accounts. Hit up the link below to read the official announcement. Introducing LastPass Sentry [The LastPass Blog] How To Create a Customized Windows 7 Installation Disc With Integrated Updates How to Get Pro Features in Windows Home Versions with Third Party Tools HTG Explains: Is ReadyBoost Worth Using?

    Read the article

  • Tale of an Encrypted SSIS Package in msdb and a Lost Password

    - by Argenis
      Yesterday a Developer at work asked for a copy of an SSIS package in Production so he could work on it (please, dear Reader – withhold judgment on Source Control – I know!). I logged on to the SSIS instance, and when I went to export the package… Oops. I didn’t have that password. The DBA who uploaded the package to Production is long gone; my fellow DBA had no idea either - and the Devs returned a cricket sound when queried. So I posed the obligatory question on #SQLHelp and a bunch of folks jumped in – some to help and some to make fun of me (thanks, @SQLSoldier @crummel4 @maryarcia and @sqljoe). I tried their suggestions to no avail…even ran some queries to see if I could figure out how to extract the package XML from the system tables in msdb:   SELECT CAST(CAST(p.packagedata AS varbinary(max)) AS varchar(max)) FROM msdb.dbo.sysssispackages p WHERE p.name = 'LePackage'   This just returned a bunch of XML with encrypted data on it:  I knew there was a job in SQL Agent scheduled to execute the package, and when I tried to look at details on the job step I got the following: Not very helpful. The password had to be saved somewhere, but where?? All of a sudden I remembered that there was a system table I hadn’t queried yet: SELECT sjs.command FROM msdb.dbo.sysjobs sj JOIN msdb.dbo.sysjobsteps sjs ON sj.job_id = sjs.job_id WHERE sj.name = 'Run LePackage' The result: “Well, that’s really secure”, I thought to myself. Cheers, -Argenis

    Read the article

  • Is hashing of just "username + password" as safe as salted hashing

    - by randomA
    I want to hash "user + password". EDIT: prehashing "user" would be an improvement, so my question is also for hashing "hash(user) + password". If cross-site same user is a problem then the hashing changed to hashing "hash(serviceName + user) + password" From what I read about salted hash, using "user + password" as input to hash function will help us avoid problem with reverse hash table hacking. The same thing can be said about rainbow table. Any reason why this is not as good as salted hashing?

    Read the article

  • How do I backup Credentials Manager passwords (Windows 7)

    - by Andrew J. Brehm
    I am trying to create a backup of my stored passwords in Credentials Manager. But after Windows switches to the secure desktop to get the password for the backup file it simply announced that "Your stored logon credentials could not be backed up" and gives as explanation "Element not found", neither of which is helpful. (In fact I hate the "X could not Y" type of error message). I am an administrator on the machine and there is only one password in Credentials Manager. The sole point of the backup is to create a nearly empty Credentials Manager so that I don't have to delete manually hundreds of password entries every time I have to change my domain password. (I think Microsoft haven't throught this through properly. There appears to be no way to delete more than one entry at a time.) Any ideas?

    Read the article

  • HTG Explains: What Is Two-Factor Authentication and Should I Be Using It?

    - by Jason Fitzpatrick
    More and more banks, credit card companies, and even social media networks and gaming sites are starting to use two-factor authentication. If you’re a little unclear on what it is or on why you’d want to start using it, read on to learn how two-factor authentication can keep your data secure. HTG Explains: What Is Two-Factor Authentication and Should I Be Using It? HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux

    Read the article

  • Is an 'if password == XXXXXXX' enough for minimum security?

    - by Morgan Herlocker
    If I create a login for an app that has middle to low security risk (in other words, its not a banking app or anything), is it acceptable for me to verify a password entered by the user by just saying something like: if(enteredPassword == verifiedPassword) SendToRestrictedArea(); else DisplayPasswordUnknownMessage(); It seems to easy to be effective, but I certainly would not mind if that was all that was required. Is a simple check on username/password combo enough? Update: The particular project happens to be a web service, the verification is entirely server side, and it is not open-source. Does the domain change how you would deal with this?

    Read the article

  • Securing credentials passed to web service

    - by Greg Smith
    I'm attempting to design a single sign on system for use in a distributed architecture. Specifically, I must provide a way for a client website (that is, a website on a different domain/server/network) to allow users to register accounts on my central system. So, when the user takes an action on a client website, and that action is deemed to require an account, the client will produce a page (on their site/domain) where the user can register for a new account by providing an email and password. The client must then send this information to a web service, which will register the account and return some session token type value. The client will need to hash the password before sending it across the wire, and the webservice will require https, but this doesn't feel like it's safe enough and I need some advice on how I can implement this in the most secure way possible. A few other bits of relevant information: Ideally we'd prefer not to share any code with the client We've considered just redirecting the user to a secure page on the same server as the webservice, but this is likely to be rejected for non-technical reasons. We almost certainaly need to salt the password before hashing and passing it over, but that requires the client to either a) generate the salt and communicate it to us, or b) come and ask us for the salt - both feel dirty. Any help or advice is most appreciated.

    Read the article

  • How migrate my keyring (containing ssh passprases, nautilus remote filesystem, pgp passwords) and network manager connections?

    - by con-f-use
    I changed the disk on my laptop and installed Ubuntu on the new disk. Old disk had 12.04 upgraded to 12.10 on it. Now I want to copy my old keyring with WiFi passwords, ftp passwords for nautilus and ssh key passphrases. I have the whole data from the old disk available (is now a USB disk and I did not delete the old data yet or do anything with it - I could still put it in the laptop and boot from it like nothing happened). On the new disc that is now in my laptop, I have installed 12.10 with the same password, user-id and username as on the old disk. Then I copied a few important config files from the old disk (e.g. ~/.firefox/, ~/.mozilla, ~/.skype and so on, which all worked fine... except for the key ring: The old methods of just copying ~/.gconf/... and ~/.gnome2/keyrings won't work. Did I miss something? 1. Edit: I figure one needs to copy files not located in the users home directory as well. I copied the whole old /home/confus (which is my home directory) to the fresh install to no effect. That whole copy is now reverted to the fresh install's home directory, so my /home/confus is as it was the after fresh install. 2. Edit: The folder /etc/NetworkManager/system-connections seems to be the place for WiFi passwords. Could be that /usr/share/keyrings is important as well for ssh keys - that's the only sensible thing that a search came up with: find /usr/ -name "*keyring* 3. Edit: Still no ssh and ftp passwords from the keyring. What I did: Convert old hard drive to usb drive Put new drive in the laptop and installed fresh version of 12.10 there (same uid, username and passwort) Booted from old hdd via USB and copied its /etc/NetwrokManager/system-connections, ~/.gconf/ and ~/.gnome2/keyrings, ~/.ssh over to the new disk. Confirmed that all keys on the old install work Booted from new disk Result: No passphrase for ssh keys, no ftp passwords in keyring. At least the WiFi passwords are migrated. 4. Edit: Boutny! Ending soon... 5. Edit: Keyring's now in ./local/share/keyrings/. Also interesting .gnupg

    Read the article

  • Updating password hashing without forcing a new password for existing users

    - by Willem
    You maintain an existing application with an established user base. Over time it is decided that the current password hashing technique is outdated and needs to be upgraded. Furthermore, for UX reasons, you don't want existing users to be forced to update their password. The whole password hashing update needs to happen behind the screen. Assume a 'simplistic' database model for users that contains: ID Email Password How does one go around to solving such a requirement? My current thoughts are: create a new hashing method in the appropriate class update the user table in the database to hold an additional password field Once a user successfully logs in using the outdated password hash, fill the second password field with the updated hash This leaves me with the problem that I cannot reasonable differentiate between users who have and those who have not updated their password hash and thus will be forced to check both. This seems horribly flawed. Furthermore this basically means that the old hashing technique could be forced to stay indefinitely until every single user has updated their password. Only at that moment could I start removing the old hashing check and remove the superfluous database field. I'm mainly looking for some design tips here, since my current 'solution' is dirty, incomplete and what not, but if actual code is required to describe a possible solution, feel free to use any language.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >