Search Results

Search found 15010 results on 601 pages for 'password protected'.

Page 63/601 | < Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >

  • ASP.NET Membership Password Hash -- .NET 3.5 to .NET 4 Upgrade Surprise!

    - by David Hoerster
    I'm in the process of evaluating how my team will upgrade our product from .NET 3.5 SP1 to .NET 4. I expected the upgrade to be pretty smooth with very few, if any, upgrade issues. To my delight, the upgrade wizard said that everything upgraded without a problem. I thought I was home free, until I decided to build and run the application. A big problem was staring me in the face -- I couldn't log on. Our product is using a custom ASP.NET Membership Provider, but essentially it's a modified SqlMembershipProvider with some additional properties. And my login was failing during the OnAuthenticate event handler of my ASP.NET Login control, right where it was calling my provider's ValidateUser method. After a little digging, it turns out that the password hash that the membership provider was using to compare against the stored password hash in the membership database tables was different. I compared the password hash from the .NET 4 code line, and it was a different generated hash than my .NET 3.5 code line. (Tip -- when upgrading, always keep a valid debug copy of your app handy in case you have to step through a lot of code.) So it was a strange situation, but at least I knew what the problem was. Now the question was, "Why was it happening?" Turns out that a breaking change in .NET 4 is that the default hash algorithm changed to SHA256. Hey, that's great -- stronger hashing algorithm. But what do I do with all the hashed passwords in my database that were created using SHA1? Well, you can make two quick changes to your app's web.config and everything will be OK. Basically, you need to override the default HashAlgorithmTypeproperty of your membership provider. Here are the two places to do that: 1. At the beginning of your element, add the following element: <system.web> <machineKey validation="SHA1" /> ... </system.web> 2. On your element under , add the following hashAlgorithmType attribute: <system.web> <membership defaultProvider="myMembership" hashAlgorithmType="SHA1"> ... </system.web> After that, you should be good to go! Hope this helps.

    Read the article

  • Is there Powershell way to re-apply a restored password for the IIS IUSR account?

    - by Philippe Monnet
    On one of our IIS web servers the IUSR account suddenly expired or got corrupted, I recovered the password from the IIS metabase (using Cscript adsutil.vbs get w3svc\anonymoususerpass after switching IsSecureProperty = False). I then reset the password accordingly. Now I have to re-key that password on the Directory Security tab of all virtual directories (for the anonymous account) of all web sites on that server. Is there a way to automate this using Powershell? (I have searched so far in vain)

    Read the article

  • Is an 'if password == XXXXXXX' enough for minimum security?

    - by Morgan Herlocker
    If I create a login for an app that has middle to low security risk (in other words, its not a banking app or anything), is it acceptable for me to verify a password entered by the user by just saying something like: if(enteredPassword == verifiedPassword) SendToRestrictedArea(); else DisplayPasswordUnknownMessage(); It seems to easy to be effective, but I certainly would not mind if that was all that was required. Is a simple check on username/password combo enough? Update: The particular project happens to be a web service, the verification is entirely server side, and it is not open-source. Does the domain change how you would deal with this?

    Read the article

  • How to copy password from Mono-executed KeePass2 to xterm on Linux?

    - by Steve Emmerson
    I use KeePass2 to access username/password information in a Dropbox file. This allows convenient access from multiple devices. I can't seem to copy a password to the clipboard on my Linux 2.6.27.41-170.2.117.fc10.x86_64 system, however, in order to supply the password to a prompt in an xterm(1). I've tried both Ctrl+C/Ctrl+V and highlighting and mouse button 2 clicking. The KeePass2 program on the Linux system is executed by Mono. How can I copy the password to the xterm(1)? [Aside: I think we need a "KeePass" tag.] ADDENDUM: My mouse buttons were misconfigured: button 2 wasn't set to "copy". Sorry for the false alarm.

    Read the article

  • How can I automatically require a password when connecting to a WD MyBookLive?

    - by user-123
    I have created a user which has specific privileges to access the shares on our WD MyBookLive Network drive (ie it requires a password to connect), however after connecting once Windows seems to remember the password (or at least for the rest of the session). How can I make it so it is necessary to require a password every time the user connects to the drive or makes some change on Windows? I am particularly thinking of Cryptolocker and other variants of "ransomeware" which will try and connect to the drive and encrypt it.

    Read the article

  • The field for entering password freeze if no text is enter quickly after i install cinnamon on 12.04

    - by user109162
    Iam a total newbie to Ubuntu . I installed Cinnamon through terminal . The problem is that when i boot up, if i don't enter the password before 1 or 2 minutes the password field will freeze and won't accept any text inputs.The problem was most likely caused by Cinnamon because i guess the problem started after i tried to install some Cinnamon extensions. Please answer in non-technical way as far as possible. I will never go back to Windows whatever be the outcome. Help me stay on to Ubuntu.

    Read the article

  • Why don't smart phones have an auto-forget password feature? [closed]

    - by Kelvin
    Storing passwords to external services (e.g. corporate email servers) on smart phones is very insecure, since phones are more easily stolen. Has any vendor implemented a feature to only cache a password in memory for a limited amount of time? After the time period has elapsed, the app would ask for the password again. EDIT: I should've clarified - I'm aware that many (most?) users are lazy and want to just "set it and forget it". The always-remember feature will probably always be present. I was curious about an option to enable auto-forget for the security-conscious.

    Read the article

  • Can I remove a RAR file's (known) password without recompressing the archive?

    - by Abluescarab
    Long title. Anyway, I haven't been able to find an answer to this question. I know the password to the RAR file, I locked it myself, but now all I want to do is remove the password because it's too much of a pain in the butt to type it in every time. Is there a way to do this in WinRAR or an equivalent program? The only thing I knew to do was to extract it, then create a new RAR without the password. It's not a life-or-death issue, but it would be nice to know. Thanks for your time! EDIT: I just saw a bunch of related questions that appear to ask the same thing. The only solution I saw was using a DOS command to yadda yadda yadda. Here it is: How to remove password protection from compressed files Is there an easier way? Thanks again!

    Read the article

  • Is an 'if password == XXXXXXX' enough for minimum security?

    - by Prof Plum
    If I create a login for an app that has middle to low security risk (in other words, its not a banking app or anything), is it acceptable for me to verify a password entered by the user by just saying something like: if(enteredPassword == verifiedPassword) SendToRestrictedArea(); else DisplayPasswordUnknownMessage(); It seems to easy to be effective, but I certainly would not mind if that was all that was required. Is a simple check on username/password combo enough? Update: The particular project happens to be a web service, the verification is entirely server side, and it is not open-source. Does the domain change how you would deal with this?

    Read the article

  • How to get back to Lock Screen from Password screen in Microsoft Surface?

    - by GaTechThomas
    Similar to question, Can I bring the lock screen back after dismissing it? ('go back a screen' from password entry) How do I go back to the Lock Screen once I've gone to the password screen in Microsoft Surface tablet? This is a different mechanism from using the referenced question in that no physical keyboard is available. Alternately, can the timout on the password screen be shortened?

    Read the article

  • Is Flash a secure content delivery technology for password protected digital content?

    - by Merkel Fastia
    We are working on a project that would be a competitor to Yudu for online publishing and what we are debating is whether to use Flash for content security protection as Yudu does. See for example "The Testicle Cookbok" for which a limited (3-frame) preview is available before a password is requested by the Flash application running in the browser. Do you see any problems with this approach or could you recommend an alternative technology for password proected digital content?

    Read the article

  • Webmail with option to change password for email account?

    - by arma
    Been testing out different webmail options to use (so far AfterLogic, Horde) And it seems that there is no options to change password for user. It's really bad thing that i have to go to server and manually change passwords for users. Is there any webmail solution that will allow me to change password, that also changes on server (as client). Or is it server setting i must use before? Or it is not possible? EDIT: Note that i have cPanel host.

    Read the article

  • wordpress login encryption

    - by tech
    I am running wordpress with woocommerce and theme_my_login plugins. When a user registers on my site it sends them a confirmation email and then they can click to activate account. Problem is when the user goes to login they get an error of incorrect password. If the user uses the forgot password link and resets the password then they can login without any errors. What might cause this problem? Is the password being encrypted with the wrong method? I went through the registration process and checked the string in the php users table. password in php table after registration: $P$BF/gIt6dFfBBuNx6rP41Qv3i71TUie1 password in php table after change password to same password: $P$BxpByDbNU3vr3sytTOcbzttp1tOodH1 Do Theme my login and either woocommerce or wordpress use different encryption methods?

    Read the article

  • Can you change the type of Active Directory Password Complexity to be different than MS version?

    - by littlegeek
    Here it states that the policy must adhere to Passwords must meet complexity requirements determines whether password complexity is enforced. If this setting is enabled, user passwords meet the following requirements: The password is at least six characters long. The password contains characters from at least three of the following five categories: English uppercase characters (A - Z) English lowercase characters (a - z) Base 10 digits (0 - 9) Non-alphanumeric (For example: !, $, #, or %) Unicode characters The password does not contain three or more characters from the user's account name. They only setting is to ENABLE or DISABLE this feature. I was wondering if there is a way to change this policy? IF so where?

    Read the article

  • one email have multiple open id , unable to retrive specific open id password?

    - by superUser
    I have multiple OPENID accouts refrencing same email address, now i forget one of my accout's password. and when i tried to recover my password then only one openid accout link sent to my mail address whereas i need another openid password reset link what i have to do?? although i m able to login through gmail, but i want to login through openid. i have mailed already? but no satisfactory answer?? how do i collect all open ID password reset link referencing same email address??

    Read the article

  • Is there a way to password protect my external drive and be compatible with both Windows and MAC?

    - by Stucko
    I have an external hard drive (HD-PXTU2 Series). I used it for more than 6 months now, what I liked about it was its password protect utility that comes together with the drive. However the problem is the password protect utility is not compatible with MAC ( I'l be regularly transferring data between MacOS and Windows). Is there a way to password protect my external drive which is compatible with both Windows and MacOS?

    Read the article

  • Possible? OpenVPN server requiring both certificate- AND password-based login (via Tomato router firmware)

    - by Eric
    I've been using Shibby's build of Tomato (64k NVRAM version) on my Asus N66U router in order to run an OpenVPN server. I'm curious whether it's possible to setup this OpenVPN server to require both a certificate AND a username/password before a user is allowed access. I noticed there's a "challenge password" entry when filling out the certificate details, but everyone says to leave it blank "or else"; I have no idea why, and I can't find an explanation. In addition, I've Google'd this issue a bunch and have noticed people talking about a PAM module for OpenVPN in order to authenticate via username/password, but that appeared to be an either/or option; in other words, I can force authentication via username/password OR certificate. I want to require both. Is this possible? If so, how?

    Read the article

  • Why does changing a truecrypt password take such a long time?

    - by Alex
    I am changing the password of a truecrypt file container. This takes around 1 minute. Why? time truecrypt --text --change /tmp/user1.tc --keyfiles= --new-keyfiles= --password=known --new-password=known --random-source=/dev/null" If I use strace I see that it basically does not do anything: it simply reads lots of random data from /dev/urandom (even if i specified /dev/null as random source) and finally changes the password: open("/dev/urandom", O_RDONLY) = 6 read(6, "\36&{\351\212\212\343\202\34\313\242\312I\326\235\245\224\300\354O)\270Q\200 \201J\227\224\311_\212\367"..., 640) = 640 close(6) = 0

    Read the article

  • Disk drive won't let go of password prompt at bootup?

    - by user54003
    I had a hacker intrude into my system, at the time it was obvious, so I reinstalled. However, I am left with what appears to be a fatal problem as far as one of my disk drives goes. When I install that drive in my system, a prompt comes up for the disk password, and what it is asking for is a root password. The disk works otherwise normally but despite all my efforts, I have not been able to fix this disk. I have gotten the operating system parted magic and done the most extreme clean up available, the internal one which sends a signal to the disk electronics which runs a built in clean up program. Darik's boot and nuke, I've tried them all but I can't seem to remove this with anything in the Linux line. Does anyone have any suggestions? I've run gparted, created a Sun, an Apple and various other schemes to partition the disk, all to no avail. Can anyone help?

    Read the article

  • when i load ubuntu i get the log on screen, but even with correct password i cant log on.. have looged in several times before successfully!

    - by mybox
    I have been using ubuntu 12.04 for a few months now. but have now come across a problem that i cant get past. I am stuck at the log on screen= i enter my password but i get a black screen flases up and the log on prompt reappears!!! tried using terminal prompts and i actually have loggin it- but not according to the main log onm screen. I cant get my desktop active as the log on prompt is there. when i put a wrong password in i get an invalid password message- with the correct password the log on screen just reappears!!!please help.

    Read the article

  • FOSUserBundle override mapping to remove need for username

    - by musoNic80
    I want to remove the need for a username in the FOSUserBundle. My users will login using an email address only and I've added real name fields as part of the user entity. I realised that I needed to redo the entire mapping as described here. I think I've done it correctly but when I try to submit the registration form I get the error: "Only field names mapped by Doctrine can be validated for uniqueness." The strange thing is that I haven't tried to assert a unique constraint to anything in the user entity. Here is my full user entity file: <?php // src/MyApp/UserBundle/Entity/User.php namespace MyApp\UserBundle\Entity; use FOS\UserBundle\Model\User as BaseUser; use Doctrine\ORM\Mapping as ORM; use Symfony\Component\Validator\Constraints as Assert; /** * @ORM\Entity * @ORM\Table(name="depbook_user") */ class User extends BaseUser { /** * @ORM\Id * @ORM\Column(type="integer") * @ORM\GeneratedValue(strategy="AUTO") */ protected $id; /** * @ORM\Column(type="string", length=255) * * @Assert\NotBlank(message="Please enter your first name.", groups={"Registration", "Profile"}) * @Assert\MaxLength(limit="255", message="The name is too long.", groups={"Registration", "Profile"}) */ protected $firstName; /** * @ORM\Column(type="string", length=255) * * @Assert\NotBlank(message="Please enter your last name.", groups={"Registration", "Profile"}) * @Assert\MaxLength(limit="255", message="The name is too long.", groups={"Registration", "Profile"}) */ protected $lastName; /** * @ORM\Column(type="string", length=255) * * @Assert\NotBlank(message="Please enter your email address.", groups={"Registration", "Profile"}) * @Assert\MaxLength(limit="255", message="The name is too long.", groups={"Registration", "Profile"}) * @Assert\Email(groups={"Registration"}) */ protected $email; /** * @ORM\Column(type="string", length=255, name="email_canonical", unique=true) */ protected $emailCanonical; /** * @ORM\Column(type="boolean") */ protected $enabled; /** * @ORM\Column(type="string") */ protected $salt; /** * @ORM\Column(type="string") */ protected $password; /** * @ORM\Column(type="datetime", nullable=true, name="last_login") */ protected $lastLogin; /** * @ORM\Column(type="boolean") */ protected $locked; /** * @ORM\Column(type="boolean") */ protected $expired; /** * @ORM\Column(type="datetime", nullable=true, name="expires_at") */ protected $expiresAt; /** * @ORM\Column(type="string", nullable=true, name="confirmation_token") */ protected $confirmationToken; /** * @ORM\Column(type="datetime", nullable=true, name="password_requested_at") */ protected $passwordRequestedAt; /** * @ORM\Column(type="array") */ protected $roles; /** * @ORM\Column(type="boolean", name="credentials_expired") */ protected $credentialsExpired; /** * @ORM\Column(type="datetime", nullable=true, name="credentials_expired_at") */ protected $credentialsExpiredAt; public function __construct() { parent::__construct(); // your own logic } /** * @return string */ public function getFirstName() { return $this->firstName; } /** * @return string */ public function getLastName() { return $this->lastName; } /** * Sets the first name. * * @param string $firstname * * @return User */ public function setFirstName($firstname) { $this->firstName = $firstname; return $this; } /** * Sets the last name. * * @param string $lastname * * @return User */ public function setLastName($lastname) { $this->lastName = $lastname; return $this; } } I've seen various suggestions about this but none of the suggestions seem to work for me. The FOSUserBundle docs are very sparse about what must be a very common request.

    Read the article

  • Regex for Password Must be contain at least 8 characters, least 1 number and both lower and uppercase letters and special characters

    - by user2442653
    I want a regular expression to check that Password Must be contain at least 8 characters, including at least 1 number and includes both lower and uppercase letters and special characters (e.g., #, ?, !) Cannot be your old password or contain your username, "password", or "websitename" And here is my validation expression which is for 8 characters including 1 uppercase letter, 1 lowercase letter, 1 number or special character. (?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$" How I can write it for password must be 8 characters including 1 uppercase letter, 1 special character and alphanumeric characters?

    Read the article

< Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >