Search Results

Search found 9715 results on 389 pages for 'bad passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 64/389 | < Previous Page | 60 61 62 63 64 65 66 67 68 69 70 71  | Next Page >

  • ipod not mounting

    - by rls
    Tried to connect my iPod, but got this message: Error mounting: mount: wrong fs type, bad option, bad superblock on /dev/sdb2, missing codepage or helper program, or other error In some cases useful info is found in syslog - try dmesg | tail or so Have seen links to this here, but beeing rather green, I don't understand much. https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/734883 What do I do now? The dmesg|tail says [ 2819.709437] sd 6:0:0:0: [sdb] 3901376 4096-byte logical blocks: (15.9 GB/14.8 GiB) [ 2819.710161] sd 6:0:0:0: [sdb] Assuming drive cache: write through [ 2819.735294] sdb: [mac] sdb1 sdb2 [ 2819.738060] sd 6:0:0:0: [sdb] 3901376 4096-byte logical blocks: (15.9 GB/14.8 GiB) [ 2819.738671] sd 6:0:0:0: [sdb] Assuming drive cache: write through [ 2819.738688] sd 6:0:0:0: [sdb] Attached SCSI removable disk [ 2820.420130] sd 6:0:0:0: [sdb] Bad block number requested [ 2820.420167] hfs: unable to find HFS+ superblock [ 2820.612140] sd 6:0:0:0: [sdb] Bad block number requested [ 2820.612191] hfs: unable to find HFS+ superblock

    Read the article

  • My boss decided to add a "person to blame" field to every bug report. How can I convince him that it's a bad idea?

    - by MK_Dev
    In one of the latest "WTF" moves, my boss decided that adding a "Person To Blame" field to our bug tracking template will increase accountability (although we already have a way of tying bugs to features/stories). My arguments that this will decrease morale, increase finger-pointing and would not account for missing/misunderstood features reported as bug have gone unheard. What are some other strong arguments against this practice that I can use? Is there any writing on this topic that I can share with the team and the boss? I find this sort of culture unacceptable to work in but want to try and change it before jumping ship. Any input is appreciated.

    Read the article

  • Alternatives to OAuth?

    - by sdolgy
    The Web industry is shifting / has shifted towards using OAuth when extending API services to external consumers & developers. There is some elegance in simple....and well, the 3-step OAuth process isn't too bad ... i just find it is the best of a bad bunch of options. Are there alternatives out there that could be better, and more secure? The security reference is derived from the following URLs: http://www.infoq.com/news/2010/09/oauth2-bad-for-web http://hueniverse.com/2010/09/oauth-2-0-without-signatures-is-bad-for-the-web/

    Read the article

  • Game 30% done on HTML5. Maybe it was a bad idea. Should I change to Unity3d? [on hold]

    - by Dokkat
    I'm creating a 3d game on HTML5. It's 30% complete and the hard part is already coded. The server is on node.js.Now I'm realizing that maybe it was not a wise choice. This is because I realized: Three.js still has many bugs. I don't see the same thing on every machine. Each browser, OS, can give different results. I'm afraid my clients will have a great stress installing my game properly. I have tons of sprites and models on my game. I wonder if my clients will have to load all them again everytime they want to play? I wonder if a Node.js server will be fast enough to handle it, and I'm afraid it won't be scalable. What would you advise me? Should I continue and finish the game on HTML5 or is it better to remake it on something else, like Unity3d for the client and (what?) for the server?

    Read the article

  • A more reliable and more flexible sp_MSforeachdb

    - by AaronBertrand
    I've complained about sp_MSforeachdb before. In part of my "Bad Habits to Kick" series in 2009-10, I described how I worked around its sporadic inability to actually process all of the databases on an instance: http://sqlblog.com/blogs/aaron_bertrand/archive/2010/02/08/bad-habits-to-kick-relying-on-undocumented-behavior.aspx I lumped this in a "Bad Habit" category of relying on undocumented behavior, since - while the procedure does have rampant usage - it is, in fact, both undocumented and unsupported....(read more)

    Read the article

  • Quit job for another but current employer doesn't want to lose me. Would it be a bad idea to stay?

    - by Confused
    So I've handed in my notice at my current job as I've been offered a job at another company. However, my current employer doesn't want to lose me and they want to know what I want to stay. I mostly enjoy working there so I'd be open to negiotiation. The new job was an unexpected opportunity that presented itself. Such things I'd be looking for are: Better computers for developers Opportunity to work from home occasionally Improved internet access (e.g. able to download software, no keyword blocking) Chance to work on other technologies than my primary (we do have projects on other technologies) Pay increase (though this isn't my primary motivation) I found out that some of these were already in progress when I handed in my notice :( Is it ever a good idea to remain at a company after you've resigned? What if they meet all my conditions and alter my contract accordingly? Will I burn my bridges at the new company (I've already told them I'd accept their offer)? Update: Thanks for the answers. Quite a mixed bag which was interesting. Anyway, just so you know, I've chosen to stay at my current company. So far, it definately feels like the right decision. Guess I won't know for a few months whether is was though.

    Read the article

  • Multiple Kickstarter campaigns. Good? Bad? Ugly?

    - by BerickCook
    I've been toying with the idea of doing a Kickstarter for my game to help fund some good artists to replace the placeholder graphics I currently have. Just a small goal of $2k or so. Regardless of whether the campaign is successful this time, would it be considered a faux pas to do another, larger kickstarter once the game is looking better? Would the rewards need to be the same, or could I offer better rewards at lower donation levels for the first one as an "early adopter" bonus?

    Read the article

  • Invalid command 'SSLRequireSSL',

    - by Bad Programmer
    An svn server that I managed crashed. The server is up and running again, but I can't manage to get svn running anymore. I followed the instructions listed here: http://mark.koli.ch/2010/03/howto-setting-up-your-own-svn-server-using-apache-and-mod-dav-svn.html Yet when I try to start apache using /etc/init.d/httpd start I get a [FAILED] message. There is no content in the error logs. Any suggestions?

    Read the article

  • NIS: which mechanism hides shadow.byname for unpriviledged users?

    - by Mark Salzer
    On some Linux box (SLES 11.1) which is a NIS client I can do as root: ypcat shadow.byname and get output, i.e. some lines with the encrypted passwords, amongst other information. On the same Linux box, if I run the same command as unpriviledged user, I get No such map shadow.byname. Reason: No such map in server's domain Now I am surprised. My good old knowlege says that shadow passwords in NIS are absurd because there is no access control or authentication in the protocol and thus every (unpriviledged) user can access the shadow map and thereby obtain the encrypted passwords. Obviously we have a different picture here. Unfortunately I don't have access to the NIS server to figure out what is happening. My only guess is that the NIS master gives the map only to clients conection from a priviledged port (1024), but this is only an uneducated guess. What mechanisms are there in current NIS implementations to lead to a behavior like the above? How "secure" are they? Can the be circumvented easily? Or are shadow passwords in NIS as secure as the good old shadow files?

    Read the article

  • ssh keys rejected each day

    - by EddyR
    I've had OpenSSH server running on my debian server for a couple weeks and all of a sudden now when I go to login the next day it rejects my ssh key and I have to manually add a new one each time. Not only that but I have the "tunneling with clear-text passwords" option enabled and the non-root (login with root is disabled) account for that is rejected too. I'm at a loss why this is happening and I can't find any ssh options that would explain it. --update-- I just changed debug level to DEBUG. But before that I'm seeing a lot of the following in auth.log Feb 1 04:23:01 greenpages CRON[7213]: pam_unix(cron:session): session opened for user root by (uid=0) Feb 1 04:23:01 greenpages CRON[7213]: pam_unix(cron:session): session closed for user root ... Feb 1 04:36:26 greenpages sshd[7217]: reverse mapping checking getaddrinfo for nat-pool-xx-xx-xx-xx.myinternet.net [xx.xx.xx.xx] failed - POSSIBLE BREAK-IN ATTEMPT! ... Feb 1 04:37:31 greenpages sshd[7223]: Did not receive identification string from xx.xx.xx.xx ... My sshd_conf file settings are: # Package generated configuration file # See the sshd(8) manpage for details # What ports, IPs and protocols we listen for Port xxx # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel DEBUG # Authentication: LoginGraceTime 120 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding no X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM no ClientAliveInterval 60 AllowUsers myuser

    Read the article

  • Does a 3ware "ECC-ERROR" matter on a JBOD when I have ZFS?

    - by Stefan Lasiewski
    I have a FreeBSD 8.x machine running ZFS and with a 3ware 9690SA controller. The 3ware controller shows an ECC-ERROR with one of the disks: //host> /c0 show VPort Status Unit Size Type Phy Encl-Slot Model ------------------------------------------------------------------------------ p0 OK u0 279.39 GB SAS 0 - SEAGATE ST3300657SS p1 OK u0 279.39 GB SAS 1 - SEAGATE ST3300657SS p2 OK u1 931.51 GB SAS 2 - SEAGATE ST31000640SS p3 ECC-ERROR u2 931.51 GB SAS 3 - SEAGATE ST31000640SS p4 OK u3 931.51 GB SAS 4 - SEAGATE ST31000640SS /c0 show events shows no ECC errors in it's recent history. ZFS does not currently detect any errors. zpool status says No known data errors My question: Is this ECC-ERROR something that I need to be concerned about? According to the 3ware CLI 9.5.2 Manual, an ECC-ERROR means that the 3ware controller caught a read-error for one or more sectors on this drive. This sometimes occurs when a RAID array is recovering from a failed disk. I believe that ECC-ERRORS can also be detected when the 3ware Controller verifies each disk. None of the drives have failed and thus there was no drive rebuild, so I assume that 3ware discovered a bad sector when it ran it's weekly auto-verify scan of the disks. Is this a safe assumption? According to our logs, ZFS has not detected any bad sectors on this drive. ZFS can work around read errors -- if ZFS detects a bad sector on the drive, it will simply mark that sector as bad and never use it again. From the ZFS perspective one bad sector isn't a big deal, although it might indicate that the drive is starting to go bad.

    Read the article

  • How can I make the Firefox Password Manager more intelligent?

    - by Philip
    I have two major gripes about the FF password manager: If I restore a session with multiple tabs with sites with saved passwords, the master password prompt pops up once for each of them, even if I correctly enter the password the first time. Sometimes I want Firefox not to use my saved passwords at all (e.g. because I want to let someone else use it without getting access to my accounts), but hitting cancel results in erratic behavior--sometimes the box just pops up again and again, or sometimes it stops and behaves as I wish (continuing to browse w/o my passwords) until it encounters another site that wants my password. Thus even when hitting cancel does leave me free to browse passwordless, it doesn't get Firefox to leave me alone for the whole session. Thus: do you know of any tweak or add-on that could (1) make Firefox smart enough to get my master password once and then leave me alone, and/or (2) add an option (checkbox-style, toggle button, etc.) to browse "for now" (until I toggle the option) or even "for this session" (until I restart) without using any of my saved passwords? I'm running Firefox 3.5.6 on Mac OS X 10.5; thanks.

    Read the article

  • ISACA Webcast follow up: Managing High Risk Access and Compliance with a Platform Approach to Privileged Account Management

    - by Darin Pendergraft
    Last week we presented how Oracle Privileged Account Manager (OPAM) could be used to manage high risk, privileged accounts.  If you missed the webcast, here is a link to the replay: ISACA replay archive (NOTE: you will need to use Internet Explorer to view the archive) For those of you that did join us on the call, you will know that I only had a little bit of time for Q&A, and was only able to answer a few of the questions that came in.  So I wanted to devote this blog to answering the outstanding questions.  Here they are. 1. Can OPAM track admin or DBA activity details during a password check-out session? Oracle Audit Vault is monitoring these activities which can be correlated to check-out events. 2. How would OPAM handle simultaneous requests? OPAM can be configured to allow for shared passwords.  By default sharing is turned off. 3. How long are the passwords valid?  Are the admins required to manually check them in? Password expiration can be configured and set in the password policy according to your corporate standards.  You can specify if you want forced check-in or not. 4. Can 2-factor authentication be used with OPAM? Yes - 2-factor integration with OPAM is provided by integration with Oracle Access Manager, and Oracle Adaptive Access Manager. 5. How do you control access to OPAM to ensure that OPAM admins don't override the functionality to access privileged accounts? OPAM provides separation of duties by using Admin Roles to manage access to targets and privileged accounts and to control which operations admins can perform. 6. How and where are the passwords stored in OPAM? OPAM uses Oracle Platform Security Services (OPSS) Credential Store Framework (CSF) to securely store passwords.  This is the same system used by Oracle Applications. 7. Does OPAM support hierarchical/level based privileges?  Is the log maintained for independent review/audit? Yes. OPAM uses the Fusion Middleware (FMW) Audit Framework to store all OPAM related events in a dedicated audit database.  8. Does OPAM support emergency access in the case where approvers are not available until later? Yes.  OPAM can be configured to release a password under a "break-glass" emergency scenario. 9. Does OPAM work with AIX? Yes supported UNIX version are listed in the "certified component section" of the UNIX connector guide at:http://docs.oracle.com/cd/E22999_01/doc.111/e17694/intro.htm#autoId0 10. Does OPAM integrate with Sun Identity Manager? Yes.  OPAM can be integrated with SIM using the REST  APIs.  OPAM has direct integration with Oracle Identity Manager 11gR2. 11. Is OPAM available today and what does it cost? Yes.  OPAM is available now.  Ask your Oracle Account Manager for pricing. 12. Can OPAM be used in SAP environments? Yes, supported SAP version are listed in the "certified component section" of the SAP  connector guide here: http://docs.oracle.com/cd/E22999_01/doc.111/e25327/intro.htm#autoId0 13. How would this product integrate, if at all, with access to a particular field in the DB that need additional security such as SSN's? OPAM can work with DB Vault and DB Firewall to provide the fine grained access control for databases. 14. Is VM supported? As a deployment platform Oracle VM is supported. For further details about supported Virtualization Technologies see Oracle Fusion Middleware Supported System configurations here: http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html 15. Where did this (OPAM) technology come from? OPAM was built by Oracle Engineering. 16. Are all Linux flavors supported?  How about BSD? BSD is not supported. For supported UNIX version see the "certified component section" of the UNIX connector guide http://docs.oracle.com/cd/E22999_01/doc.111/e17694/intro.htm#autoId0 17. What happens if users don't check passwords in at the end of a work task? In OPAM a time frame can be defined how long a password can be checked out. The security admin can force a check-in at any given time. 18. is MySQL supported? Yes, supported DB version are listed in the "certified component section" of the DB connector guide here: http://docs.oracle.com/cd/E22999_01/doc.111/e28315/intro.htm#BABGJJHA 19. What happens when OPAM crashes and you need to use the password? OPAM can be configured for high availability, but if required, OPAM data can be backed up/recovered.  See the OPAM admin guide. 20. Is OPAM Standalone product or does it leverage other components from IDM? OPAM can be run stand-alone, but will also leverage other IDM components

    Read the article

  • Mutable global variables don't get hide in python functions, right?

    - by aXqd
    Please see the following code: def good(): foo[0] = 9 # why this foo isn't local variable who hides the global one def bad(): foo = [9, 2, 3] # foo is local, who hides the global one for func in [good, bad]: foo = [1,2,3] print('Before "{}": {}'.format(func.__name__, foo)) func() print('After "{}": {}'.format(func.__name__, foo)) The result is as below: # python3 foo.py Before "good": [1, 2, 3] After "good": [9, 2, 3] Before "bad" : [1, 2, 3] After "bad" : [1, 2, 3]

    Read the article

  • How can I get Opera speed-dial and password management features in other browsers?

    - by Howard Guo
    I heavily rely on Opera's speed dial and password management features. Lack of these two features is really stopping me from switching to another web browser such as Chrome or Firefox. Opera's password management has two unique characteristics which I rely on heavily: It saves passwords on all pages, (apparently) despite the page's meta data asking not to save passwords. It offers keyboard shortcut and button to automatically fill in username/passwords and all other fields in a login form, then automatically submit the form. (So I'm only one key/click away from logging into a website) How can I get those functions in other browsers? Thank you! Edit: Reason being that I use other web browsers at work and I wish they could have those functions.

    Read the article

  • Postfix relay to multiple servers and multiple users

    - by Frankie
    I currently have postfix configured so that all users get relayed by the local machine with the exception of one user that gets relayed via gmail. To that extent I've added the following configuration: /etc/postfix/main.cf # default options to allow relay via gmail smtp_use_tls=yes smtp_sasl_auth_enable = yes smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt smtp_sasl_security_options = noanonymous # map the relayhosts according to user sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_maps # keep a list of user and passwords smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd /etc/postfix/relayhost_maps user-one@localhost [smtp.gmail.com]:587 /etc/postfix/sasl_passwd [smtp.gmail.com]:587 [email protected]:user-one-pass-at-google I know I can map multiple users to multiple passwords using smtp_sasl_password_maps but that would mean that all relay would be done by gmail where I specifically want all relay to be done by the localhost with the exception of some users. Now I would like to have a user-two@localhost (etc) relay via google with their own respective passwords. Is that possible?

    Read the article

  • Security measures for CentOS

    - by cappuccinodrinker
    I have been tightening up my web server security and wanted to know what else I can do. I am running CentOS 5 with these measures: - All passwords to FTP, MySQL etc are generated from grc.com/passwords.htm and microsoft.com/protect/fraud/passwords/create.aspx (for the ones which cannot be too long). - Running iptables with all ports shut off except for http mail and smtp, the important ports like FTP SSH are blocked to all except my static office IP. There is also no response to pings. - Rootkit Hunter running daily - The server is PCI compliant according to Comodo - Not running any crappy made php apps, we use Zend Framework for our stuff and do have kayako installed and keep them up to date. Can't really think of anything else I can do... I could implement a brute force measure, but I think I already have by simply changing my SSH port to a number above 10000 and blocking it off with iptables.

    Read the article

  • SSL certificates with password encrypted key at hosting provider

    - by Jurian Sluiman
    We are a software company and offer hosting to our clients. We have a VPS at a large Dutch datacenter. For some of the applications, we need an SSL certificate which we'd like to encrypt with a password protected keyfile. Our VPS reboots now and then because of updates whatsoever, but that means our apache doesn't start right away because the passwords are needed. This results in downtime and is of course a real big problem. We can give the passwords to our VPS datacenter, or create certificates based on keyfiles without passwords. Both solutions seem not the best one, because they compromise the security of our certificates. What's the best solution for this issue?

    Read the article

  • How to change password schema for Dovecot user authentication for an already existing mail server

    - by deb_lrnr
    Hello, I have an email server setup on Debian Lenny with Postfix, Dovecot, SASL and MySQL. Currently, the password scheme in my dovecot-sql.conf file is set to: CRYPT default_pass_scheme = CRYPT I would like to globally change the scheme to something stronger like SSHA, or MD5-CRYPT and re-hash all passwords with SSHA. What is the best way to do this? The Dovecot wiki mentions how passwords that don't follow the default scheme defined in dovecot-sql.conf can be prefixed with "{ssha}password", but I couldn't see anything regarding changing an already-existing scheme to a new one for all passwords that are already in the database. Thanks for your help!

    Read the article

  • How to enable password challenge in Active Directory?

    - by Antonio Laguna
    As IT Support, my team is taking so much time reseting passwords. So, we thought it would be interesting to enable some sort of Password Challenge in Active Directory so users could reset their own passwords, after correctly answering some questions. Despite we alert users by mail when their passwords are going to expire, they just delete the mail and go on so we think it should be a great idea. I've seen some commercial products but I'm not sure if there is something built-in or GPL to enable this kind of feature. Could someone shed some light about it?

    Read the article

  • Password History Storage and Variability Comparison

    - by z3ke
    I believe this situation would be similar to many others out there, so maybe some of you can shed some light... Supposedly, when making password changes through MS exchange every 90 days, you cannot use any simple variation of one of your old passwords, up to whatever limit the admin's set for a system. My question: If your previous passwords are only stored as hashes, how can they check for the "just changed one letter" case. Wouldn't they have to have access to the old plain-text passwords in order to make those comparisons? The only other thing I can think of is if upon original creation of a password, they also stored all other one character permutations of it, so that they can be banned later?

    Read the article

  • Password Management for Oracle WebLogic customers

    - by Anthony Shorten
    One of the most common requests for enhancements I get across my desk is that customers wish to allow end users to change their passwords from our products. Now, typically password management is not in the realm of individual applications but it is an infrastructure requirement, so we don't usually add this to our roadmaps by default. The issue is that with the vast range of security stores that can be used with our product line across the Web Application Servers we support, it is almost impossible to come up with a generic enough API to work across them. If you have a specific security store on a specific Web Application Server platform then there are simpler solutions. There are a number of ways of implementing this without providing functionality specific functionality: Oracle sells Identity Management software that offers common API's to manage passwords. You can purchase those products and link to the password change dialog in those products using Navigation Keys. If you are a customer using Oracle WebLogic, then there is a sample JSP's that can be linked to provide this functionality under Oracle TechNet (registration required) under Code Samples (project S20). These can be added as a Navigation Key to complete the functionality. This will allow end users to manage their own passwords. Obviously these are all samples and should be treated as customizations when you implement them. If you wish to understand Navigation Keys, then look at the Oracle Utilities Application Framework Integration Guidelines (Doc Id: 789060.1) available from My Oracle Support.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 60 61 62 63 64 65 66 67 68 69 70 71  | Next Page >