Search Results

Search found 14302 results on 573 pages for 'saved password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 62/573 | < Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >

  • i am getting error like mysql_connect() acces denied for system@localhost(using password NO)

    - by user309381
    class MySQLDatabase { public $connection; function _construct() { $this->open_connection();} public function open_connection() {$this->connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$this->connection){die("Database Connection Failed" . mysql_error());} else{$db_select = mysql_select_db(DB_NAME,$this->connection); if(!$db_select){die("Database Selection Failed" . mysql_error()); } }} public function close_connection({ if(isset($this->connection)){ mysql_close($this->connection); unset($this->connection);}} public function query(/*$sql*/){ $sql = "SELECT*FROM users where id = 1"; $result = mysql_query($sql); $this->confirm_query($result); //return $result;while( $found_user = mysql_fetch_assoc($result)) { echo $found_user ['username']; } } private function confirm_query($result) { if(!$result) { die("The Query has problem" . mysql_error()); } } } $database = new MySQLDatabase(); $database->open_connection(); $database->query(); $database->close_connection(); ?>

    Read the article

  • Securing username/password embedded in Java Desktop App

    - by William
    My Java desktop application includes a component for communicating with a web service. We therefore need to include the access details for it within the application, but do not want it to be easily accessible in the event that the code is decompiled (we will be obfuscating). What techniques can we use to secure these details?

    Read the article

  • How can I compare my PHPASS-hashed stored password to my incoming POST data?

    - by Ygam
    Here's a better example, just a simple checking..stored value in database has password: fafa (hashed with phpass in registration) and username: fafa; i am using the phpass password hashing framework public function demoHash($data) //$data is the post data named password { $hash =new PasswordHash(8, false); $query = ORM::factory('user'); $result = $query ->select('username, password') ->where('username', 'fafa') ->find(); $hashed = $hash->HashPassword($data); $check = $hash->CheckPassword($hashed, $result->password); echo $result->username . "<br/>"; echo $result->password . "<br/>"; return $check; } check is returning false

    Read the article

  • How to query data from a password protected https website using C# .NET

    - by Addie
    I'd like my application to query a csv file from a secure website. I have no experience with web programming so I'd appreciate detailed instructions. Currently I have the user login to the site, manually query the csv, and have my application load the file locally. I'd like to automate this by having the user enter his login information, authenticating him on the website, and querying the data. The application is written in C# .NET. The url of the site is: https://www2.emidas.com/default.asp. I've tested the following code already and am able to access the file once the user has already authenticated himself and created a manual query. System.Net.WebClient Client = new WebClient(); Stream strm = Client.OpenRead("https://www3.emidas.com/users/<username>/file.csv");

    Read the article

  • mysql_connect() acces denied for system@localhost(using password NO)

    - by user309381
    class MySQLDatabase { public $connection; function _construct() { $this-open_connection(); } public function open_connection() { $this-connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$this-connection) { die("Database Connection Failed" . mysql_error()); } else { $db_select = mysql_select_db(DB_NAME,$this-connection); if(!$db_select) { die("Database Selection Failed" . mysql_error()); } } } function mysql_prep($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value) . "'"; } return $value; } public function close_connection() { if(isset($this->connection)) { mysql_close($this->connection); unset($this->connection); } } public function query(/*$sql*/) { $sql = "SELECT*FROM users where id = 1"; $result = mysql_query($sql); $this->confirm_query($result); //return $result; while( $found_user = mysql_fetch_assoc($result)) { echo $found_user ['username']; } } private function confirm_query($result) { if(!$result) { die("The Query has problem" . mysql_error()); } } } $database = new MySQLDatabase(); $database-open_connection(); $database-query(); $database-close_connection(); ?

    Read the article

  • SSH Password/User problem with Cygwin sshd service

    - by Supernovah
    hello I just set up SSHd through Cygwin on a Windows XP Pro box overseas using a RAT and discluded the openssh package from the install. I ran the cywin shell (from c:\cywin) and ran Now, It's under a port I know is safe and fowarded properly, but I won't share it's number. It's not a common port, but it's under 40000. Firewalls are off etc etc. I'm on the first Admin account made on the box. (It's full admin) I've run the following commands chmod +r /etc/passwd chmod +r /etc/group hmod 777 /var /*Created New Admin User Account To Be Used via SSH*/ mkpasswd -cl > /etc/passwd mkgroup --local > /etc/group I can connect locally, but not externally. I know my ports etc are fine. Any possible problems, as i really need this tunnel up :P

    Read the article

  • How do you handle passwords or credentials for standalone applications?

    - by Abel Morelos
    Let's say that you have a standalone application (a Java application in my case) and that this application has a configuration file (a XML file in my case) where you store the credentials (user and password) for a bunch of databases you need to connect. Everything works great, but now you discover (or your are given a new requirement like me) that you have to put this application in a different server and that you can't have these credentials in the configuration files because of security and/or compliance considerations. I'm considering to use data sources hosted in the application server (a WAS server), but I think this could have poor performance and maybe it's not the best approach since I'm connecting from a standalone application. I was also considering to use some sort of encryption, but I would like to keep things as simple as possible. How would you handle this case? Where would you put these credentials or protect them from being compromised? Or how would you connect to your databases in this scenario?

    Read the article

  • Why to store username and password in Keychain in iPhone app

    - by Suriya
    I have worked with NSUserDefault but this keychain concept is totally new for me. I have tried looking for similar Questions but couldn't find the exact reason to do so. What I have done: I already know how to store data in NSUserDefault. and also the reason why do we need to store it. Regarding Keychain I just know that storing in keychain stores the data with some extra security by encoding the original text while NSUserDefault stores the data as plain text. Is this the only reason for storing the data in keychain?

    Read the article

  • Setting a label's id in Zend_Form

    - by slkandy
    Hey, guys, I'm trying to set an id for one of my form's labels so I can hide it with jquery later. Here's my element: $password = new Zend_Form_Element_Password('password'); $password->setLabel('Password:') ->setRequired(true) ->addFilter('StripTags') ->addFilter('StringTrim') ->addValidator('NotEmpty') ->setAttrib( "id", "password" ); In the source, it looks like this: <dt> <label for="password" class="required">Password:</label> </dt> <dd> <input type="password" name="password" id="password" value=""> </dd> I need the label to look like: <label id="pass_label" for="password" class="required">Password:</label> Any ideas?

    Read the article

  • Console class in java Exception in reading password

    - by satheesh
    Hi, i am trying to use Console class in java. with this code import java.io.Console; public class ConsoleClass { public static void main(String[] args){ Console c=System.console(); char[] pw; pw=c.readPassword("%s","pw :"); for(char ch:pw){ c.format("%c",ch); } c.format("\n"); MyUtility mu =new MyUtility(); while(true){ String name=c.readLine("%s", "input?: "); c.format("output: %s \n",mu.doStuff(name)); } } } class MyUtility{ String doStuff(String arg1){ return "result is " +arg1; } } here i am getting NullPointerException when i tried to run in netbeans but i am not getting any Exception when tried to run in cmd with out netbeans IDE.Why?

    Read the article

  • MD5 password twice

    - by NoviceCoding
    I know MD5's safety is under question lately and this is the reason a lot of people are using salt (I dont understand this at all btw) but I was wondering if you wanted to easily implement a safe system in php can you just md5 something twice? like test 098f6bcd4621d373cade4e832627b4f6 fb469d7ef430b0baf0cab6c436e70375 So basically: $val = 'test'; $val = md5($val); $val = md5($val); Would that solve the whole rainbow security stuff? Is there an easy/noob proof way of making secure database passwords in php?

    Read the article

  • Secure password transmission over unencrypted tcp/ip

    - by academicRobot
    I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an unencrypted connection? Currently, I'm liking SRP or J-PAKE (they generate secure session tokens, are hash/salt friendly, and allow kicking into TLS when necessary), which I believe are both implemented in OpenSSL. However, I am a bit wary since I don't see many people using these algorithms for this purpose. Would also appreciate pointers to any materials discussing this topic in general, since I had trouble finding any.

    Read the article

  • Automate downloads from password protected website

    - by Andrew
    I need some help with a work project I have been assigned. At the moment we manually go to the site, logon and then download 2 excel files from a supplier's website every month. The files are then loaded into SQL. We want to automate this process. Now the loading of the files into SQL I can do, but I am not sure how I can automate logging onto the website entering my user details and collecting the files. I mostly deal with SQL and have very little .NET experience, so any code samples would be most appreciated.

    Read the article

  • How to decrypt a password from SQL server?

    - by sef
    I have this query in sql server 2000: select pwdencrypt('AAAA') which outputs an encrypted string of 'AAAA': 0x0100CF465B7B12625EF019E157120D58DD46569AC7BF4118455D12625EF019E157120D58DD46569AC7BF4118455D How can I convert (decrypt) the output from its origin (which is 'AAAA')?

    Read the article

  • Password generation, best practice

    - by Aidan
    I need to generate some passwords, I want to avoid characters that can be confused for each other. Is there a definitive list of characters I should avoid? my current list is il10o8B3Evu![]{} Are there any other pairs of characters that are easy to confuse? for special characters I was going to limit myself to those under the number keys, though I know that this differs depending on your keyboards nationality! As a rider question, I would like my passwords to be 'wordlike'do you have a favoured algorithm for that? Thanks :)

    Read the article

  • Google Chrome Updates; Faster, Cleaner Menus, Encrypted Password Syncing, and More

    - by ETC
    Google Chrome has rolled out a new update that includes a host of improves such as easier to navigate menus, encrypted password syncing, over all speed improvements, Flash sandboxing, and more. Google Chome’s new update has a host of subtle but powerful improvements. The browser is faster, the security is improved thanks the addition of encrypted password syncing and sandboxing of the integrated flash player, and the settings menu has been restructured and cleaned up for easy navigation. Check out the video above to take a peek at some of the changes or hit up the link below to read more. Speedier, Simpler, and Safer: Chrome’s Basics Get Even Better [The Official Google Blog] Latest Features How-To Geek ETC How to Get Amazing Color from Photos in Photoshop, GIMP, and Paint.NET Learn To Adjust Contrast Like a Pro in Photoshop, GIMP, and Paint.NET Have You Ever Wondered How Your Operating System Got Its Name? Should You Delete Windows 7 Service Pack Backup Files to Save Space? What Can Super Mario Teach Us About Graphics Technology? Windows 7 Service Pack 1 is Released: But Should You Install It? Save Files Directly from Your Browser to the Cloud in Chrome and Iron The Steve Jobs Chronicles – Charlie and the Apple Factory [Video] Google Chrome Updates; Faster, Cleaner Menus, Encrypted Password Syncing, and More Glowing Chess Set Combines LEDs, Chess, and DIY Electronics Fun Peaceful Alpine River on a Sunny Day [Wallpaper] Fast Society Creates Mini and Mobile Temporary Social Networks

    Read the article

  • Printer share keeps asking for password and I can't authenticate from any machine. Why?

    - by tenshimsm
    Ubuntu 12.04 printer share keeps asking for password and I can't authenticate from any machine. Why?? We've installed it in two machine (to act as printer servers) and we get the same problem. It doesn't matter what we do, change or install. We can't figure out why the printer share asks for password even using all of the users that are registered in the server. What is wrong with Precise? I want it to work without a password, but it is not even working WITH one! I gave up! The samba version that comes with Precise is insufferable! I tried various settings that didn't work. I should've used Mint from the beginning. [Edit] My printers config. Remembering that samba is 3.6.3 in ubuntu 12.04 load printers = yes [printers] comment = All Printers browseable = yes path = /var/spool/samba printable = yes guest ok = yes readonly = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes readonly = yes guest ok = yes

    Read the article

  • Stop Windows Domain Environment Caching Old Passwords?

    - by Daryl Gill
    I have noticed on my domain environment; the old Administrator password (before password expire).. The client machines have cached the old password and have the ability to bypass the new password by entering the old one..? I have noticed on my domain environment; the old Administrator password (before password expire).. The client machines have cached the old password and have the ability to bypass the new password by entering the old one..? Basically; I'm running a UAC enabled domain, which needs the administrator password to continue basic stuff; installations and such. The password for the administrator account has been changed due to expiration of said accounts password. By accident a fellow administrator typed the old password and still bypassed the UAC with what should have been the incorrect password. Is this a bug with the environment? or something that needs to be tweaked in the server sided settings? Is this a bug with the environment? or something that needs to be tweaked in the server sided settings?

    Read the article

  • Implementing parts of rfc4226 (HOTP) in mysql

    - by Moose Morals
    Like the title says, I'm trying to implement the programmatic parts of RFC4226 "HOTP: An HMAC-Based One-Time Password Algorithm" in SQL. I think I've got a version that works (in that for a small test sample, it produces the same result as the Java version in the code), but it contains a nested pair of hex(unhex()) calls, which I feel can be done better. I am constrained by a) needing to do this algorithm, and b) needing to do it in mysql, otherwise I'm happy to look at other ways of doing this. What I've got so far: -- From the inside out... -- Concatinate the users secret, and the number of time its been used -- find the SHA1 hash of that string -- Turn a 40 byte hex encoding into a 20 byte binary string -- keep the first 4 bytes -- turn those back into a hex represnetation -- convert that into an integer -- Throw away the most-significant bit (solves signed/unsigned problems) -- Truncate to 6 digits -- store into otp -- from the otpsecrets table select (conv(hex(substr(unhex(sha1(concat(secret, uses))), 1, 4)), 16, 10) & 0x7fffffff) % 1000000 into otp from otpsecrets; Is there a better (more efficient) way of doing this?

    Read the article

  • Where are the real risks in network security?

    - by Barry Brown
    Anytime a username/password authentication is used, the common wisdom is to protect the transport of that data using encryption (SSL, HTTPS, etc). But that leaves the end points potentially vulnerable. Realistically, which is at greater risk of intrusion? Transport layer: Compromised via wireless packet sniffing, malicious wiretapping, etc. Transport devices: Risks include ISPs and Internet backbone operators sniffing data. End-user device: Vulnerable to spyware, key loggers, shoulder surfing, and so forth. Remote server: Many uncontrollable vulnerabilities including malicious operators, break-ins resulting in stolen data, physically heisting servers, backups kept in insecure places, and much more. My gut reaction is that although the transport layer is relatively easy to protect via SSL, the risks in the other areas are much, much greater, especially at the end points. For example, at home my computer connects directly to my router; from there it goes straight to my ISPs routers and onto the Internet. I would estimate the risks at the transport level (both software and hardware) at low to non-existant. But what security does the server I'm connected to have? Have they been hacked into? Is the operator collecting usernames and passwords, knowing that most people use the same information at other websites? Likewise, has my computer been compromised by malware? Those seem like much greater risks. What do you think?

    Read the article

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >