Search Results

Search found 11785 results on 472 pages for 'password protection'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 66/472 | < Previous Page | 62 63 64 65 66 67 68 69 70 71 72 73  | Next Page >

  • Protect Files from Git

    - by Tanner
    I'm using Git with WindRiver to manage a project of mine. The code is being managed, however the project files (such as .cproject, .project, .wrmakefile, and .wrproject) are not. However when I switch branches, Git deletes those files spite them being in .gitignore, thereby removing my ability to compile the code without having to revert commits or keeping a backup. So, is there a way to say to Git - ignore these files and don't touch them no matter what?

    Read the article

  • MD5 password twice

    - by NoviceCoding
    I know MD5's safety is under question lately and this is the reason a lot of people are using salt (I dont understand this at all btw) but I was wondering if you wanted to easily implement a safe system in php can you just md5 something twice? like test 098f6bcd4621d373cade4e832627b4f6 fb469d7ef430b0baf0cab6c436e70375 So basically: $val = 'test'; $val = md5($val); $val = md5($val); Would that solve the whole rainbow security stuff? Is there an easy/noob proof way of making secure database passwords in php?

    Read the article

  • Secure password transmission over unencrypted tcp/ip

    - by academicRobot
    I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an unencrypted connection? Currently, I'm liking SRP or J-PAKE (they generate secure session tokens, are hash/salt friendly, and allow kicking into TLS when necessary), which I believe are both implemented in OpenSSL. However, I am a bit wary since I don't see many people using these algorithms for this purpose. Would also appreciate pointers to any materials discussing this topic in general, since I had trouble finding any.

    Read the article

  • Serial numbers generation without user data

    - by Sphynx
    This is a followup to this question. The accepted answer is generally sufficient, but requires user to supply personal information (e.g. name) for generating the key. I'm wondering if it's possible to generate different keys based on a common seed, in a way that program would be able to validate if those keys belong to particular product, but without making this process obvious to the end user. I mean it could be a hash of product ID plus some random sequence of characters, but that would allow user to guess potential new keys. There should be some sort of algorithm difficult to guess.

    Read the article

  • Automate downloads from password protected website

    - by Andrew
    I need some help with a work project I have been assigned. At the moment we manually go to the site, logon and then download 2 excel files from a supplier's website every month. The files are then loaded into SQL. We want to automate this process. Now the loading of the files into SQL I can do, but I am not sure how I can automate logging onto the website entering my user details and collecting the files. I mostly deal with SQL and have very little .NET experience, so any code samples would be most appreciated.

    Read the article

  • Protect my PHP App

    - by Abs
    Hello all, I have developed an app and its written in PHP (with a bunch of SQL scripts), this app will be used by a few small companies. For them to use it, I will have to install Apache and SQL Server for them. Every method I have thought has fallen short of what I need. I was actually just hoping to use ZendGuard or IonCube but they don't support PHP 5.3.x. Is there a simpler method where I can maybe store a key in the database and make the app run only when it knows its on that server? Maybe create a key based on some random numbers/letters and the machine name, sql server host name and encode/decode this when ever the system is in use? Thanks all for any help or ideas

    Read the article

  • Torrents: Can I protect my software by sending wrong bytes?

    - by Martijn Courteaux
    Hi, It's a topic that everyone interests. How can I protect my software against stealing, hacking, reverse engineering? I was thinking: Do my best to protect the program for reverse engineering. Then people will crack it and seed it with torrents. Then I download my own cracked software with a torrent with my own torrent-software. My own torrent-software has then to seed incorrect data (bytes). Of course it has to seed critical bytes. So people who want to steal my software download my wrong bytes. Just that bytes that are important to startup, saving and loading data, etc... So if the stealer download from me (and seed it later) can't do anything with it, because it is broken. Is this idea relevant? Maybe, good torrent-clients check hashes from more peers to check if the packages (containing my broken bytes) I want to seed are correct or not? Thanks

    Read the article

  • Is a commercial licensing tool better than a home grown solution for licensing a software product.

    - by Kalpak
    Hi, We are developing a product in C#.Net. We would definately not like our product to be copied easily across machines (in short pirated). For that purpose can anybody suggest using a 3rd party tool or a home grown solution. What are the pros and cons of each. One negative about home grown solution is that the cost involved in creating one from scratch. Can somebody comment on the technology to be used for licensing as .Net can be decompiled.

    Read the article

  • Stopping the manipulation of variables used for data collection?

    - by Ruinous
    I am working on a project in java and I was hoping to be able to collect statistics from the client and a possible problem that I fear will occur is the manipulation of the variables used for collection which will lead to illegitimate statistics. Is it in any way possible to prevent the manipulation of variables or is it always possible? For example: I want to log the actions made per hour from the client. The variable acting as a counter for the amount of actions performed is manipulated and a much larger amount is added to the counter. This data is then uploaded to the server (Of course using a multi-tier architecture to prevent even more possible problems) and considered 'legit.' Is there any way to prevent this?

    Read the article

  • What is the best way to go about obscuring Java code?

    - by Waltzy
    Well, I'm planning on releasing a Jar into the world but would prefer if the code was not readably available to anyone with a Java Decompiler as I want to control access to the program with usernames / auth codes etc. After some Googling I haven't found any software to do this for me, so I was wondering what steps to take from here; if anyone can point me at any software or information on methodologies of obscurification I would be grateful. Cheers again Stack Overflow.

    Read the article

  • How to decrypt a password from SQL server?

    - by sef
    I have this query in sql server 2000: select pwdencrypt('AAAA') which outputs an encrypted string of 'AAAA': 0x0100CF465B7B12625EF019E157120D58DD46569AC7BF4118455D12625EF019E157120D58DD46569AC7BF4118455D How can I convert (decrypt) the output from its origin (which is 'AAAA')?

    Read the article

  • Making commercial Java software

    - by roddik
    Hi. I intend to make some software to be sold over internet. I've only created open-source before, so I have really no idea of how to protect it from being cracked and distributed as warez. Bearing in mind that I know like two programms that aren't either cracked or not really useful I decided that the only more or less reliable way may look like this: Connect to a server and provide licensing info and some sort of hardware summary info If everything is fine, the server returns some crucial missing parts of the program bound to that certain pc along with the usage limit of say 2 days That crucial stuff is not saved to hard drive, so it is downloaded every time the program starts, if the programm runs more than 2 days, data is downloaded again If the same info is used from different computers, suspend the customer account What do you think about this? It may seem a bit to restrictive, but I'd better make less sales at first then eventually see my precious killer app downloaded for free. Anyways, first I need some basic theory/tutorials/guides about how to ensure that user only uses a certain Java app if he has paid for it, so please suggest some. Thanks

    Read the article

  • Why not use HTTPS for everything?

    - by Malfist
    If I was setting up a server, and had the SSL certificate(s), why wouldn't I use HTTPS for the entire site instead of just for purchases/logins? I would think it would make more sense just to encrypt the entire site, and protect the user entirely. It would prevent problems such as deciding what has to be secured because everything would be, and it's not really an inconvenience to the user. If I was already using an HTTPS for part of the site, why wouldn't I want to use it for the entire site?

    Read the article

  • Password generation, best practice

    - by Aidan
    I need to generate some passwords, I want to avoid characters that can be confused for each other. Is there a definitive list of characters I should avoid? my current list is il10o8B3Evu![]{} Are there any other pairs of characters that are easy to confuse? for special characters I was going to limit myself to those under the number keys, though I know that this differs depending on your keyboards nationality! As a rider question, I would like my passwords to be 'wordlike'do you have a favoured algorithm for that? Thanks :)

    Read the article

  • Google Chrome Updates; Faster, Cleaner Menus, Encrypted Password Syncing, and More

    - by ETC
    Google Chrome has rolled out a new update that includes a host of improves such as easier to navigate menus, encrypted password syncing, over all speed improvements, Flash sandboxing, and more. Google Chome’s new update has a host of subtle but powerful improvements. The browser is faster, the security is improved thanks the addition of encrypted password syncing and sandboxing of the integrated flash player, and the settings menu has been restructured and cleaned up for easy navigation. Check out the video above to take a peek at some of the changes or hit up the link below to read more. Speedier, Simpler, and Safer: Chrome’s Basics Get Even Better [The Official Google Blog] Latest Features How-To Geek ETC How to Get Amazing Color from Photos in Photoshop, GIMP, and Paint.NET Learn To Adjust Contrast Like a Pro in Photoshop, GIMP, and Paint.NET Have You Ever Wondered How Your Operating System Got Its Name? Should You Delete Windows 7 Service Pack Backup Files to Save Space? What Can Super Mario Teach Us About Graphics Technology? Windows 7 Service Pack 1 is Released: But Should You Install It? Save Files Directly from Your Browser to the Cloud in Chrome and Iron The Steve Jobs Chronicles – Charlie and the Apple Factory [Video] Google Chrome Updates; Faster, Cleaner Menus, Encrypted Password Syncing, and More Glowing Chess Set Combines LEDs, Chess, and DIY Electronics Fun Peaceful Alpine River on a Sunny Day [Wallpaper] Fast Society Creates Mini and Mobile Temporary Social Networks

    Read the article

  • Printer share keeps asking for password and I can't authenticate from any machine. Why?

    - by tenshimsm
    Ubuntu 12.04 printer share keeps asking for password and I can't authenticate from any machine. Why?? We've installed it in two machine (to act as printer servers) and we get the same problem. It doesn't matter what we do, change or install. We can't figure out why the printer share asks for password even using all of the users that are registered in the server. What is wrong with Precise? I want it to work without a password, but it is not even working WITH one! I gave up! The samba version that comes with Precise is insufferable! I tried various settings that didn't work. I should've used Mint from the beginning. [Edit] My printers config. Remembering that samba is 3.6.3 in ubuntu 12.04 load printers = yes [printers] comment = All Printers browseable = yes path = /var/spool/samba printable = yes guest ok = yes readonly = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes readonly = yes guest ok = yes

    Read the article

  • Stop Windows Domain Environment Caching Old Passwords?

    - by Daryl Gill
    I have noticed on my domain environment; the old Administrator password (before password expire).. The client machines have cached the old password and have the ability to bypass the new password by entering the old one..? I have noticed on my domain environment; the old Administrator password (before password expire).. The client machines have cached the old password and have the ability to bypass the new password by entering the old one..? Basically; I'm running a UAC enabled domain, which needs the administrator password to continue basic stuff; installations and such. The password for the administrator account has been changed due to expiration of said accounts password. By accident a fellow administrator typed the old password and still bypassed the UAC with what should have been the incorrect password. Is this a bug with the environment? or something that needs to be tweaked in the server sided settings? Is this a bug with the environment? or something that needs to be tweaked in the server sided settings?

    Read the article

  • break Folder Protection, Folder Guard Lock or Folder in Windows XP?

    - by SonyAdi
    when I'm making a new partition by the partition magic. Then all of a sudden power failure. Unfortunately because my computer is not equipped with UPS (Power supply Uniterruptible), my computer finally died, too. When power is restored, I tried to turn on the computer. Suddenly my computer can not boot normally into windows. Option through safemode and others all I've tried. The result fails, can not boot at all, into safe mode also can not. And I know the cause. Partition Magic did not finish the work and stopped in the middle of the road and cause the transfer of data files or stopped, finally file2 any default windows were destroyed as well. Unfortunately my important data I store in my document. Finally, I take my hard drive to a friend. Hopes to open a computer hard drive through friend, at least I could save my important data, and then I can install window again by reformatting my hard drive is first. I read the hard drive in explorer my friend, complete with their data, but the data of my important data in my document can not get to go because it requires administrator privileges or the original user's default start my windows (my computer) to open my document folder tersebut.Ini actually very similar to the work or Folder Protection Folder Guard. result I was disappointed and almost desperate to get back my important data is. how do i break Folder Protection, Folder Guard Lock or Folder in Windows XP?

    Read the article

  • Implementing parts of rfc4226 (HOTP) in mysql

    - by Moose Morals
    Like the title says, I'm trying to implement the programmatic parts of RFC4226 "HOTP: An HMAC-Based One-Time Password Algorithm" in SQL. I think I've got a version that works (in that for a small test sample, it produces the same result as the Java version in the code), but it contains a nested pair of hex(unhex()) calls, which I feel can be done better. I am constrained by a) needing to do this algorithm, and b) needing to do it in mysql, otherwise I'm happy to look at other ways of doing this. What I've got so far: -- From the inside out... -- Concatinate the users secret, and the number of time its been used -- find the SHA1 hash of that string -- Turn a 40 byte hex encoding into a 20 byte binary string -- keep the first 4 bytes -- turn those back into a hex represnetation -- convert that into an integer -- Throw away the most-significant bit (solves signed/unsigned problems) -- Truncate to 6 digits -- store into otp -- from the otpsecrets table select (conv(hex(substr(unhex(sha1(concat(secret, uses))), 1, 4)), 16, 10) & 0x7fffffff) % 1000000 into otp from otpsecrets; Is there a better (more efficient) way of doing this?

    Read the article

  • Where are the real risks in network security?

    - by Barry Brown
    Anytime a username/password authentication is used, the common wisdom is to protect the transport of that data using encryption (SSL, HTTPS, etc). But that leaves the end points potentially vulnerable. Realistically, which is at greater risk of intrusion? Transport layer: Compromised via wireless packet sniffing, malicious wiretapping, etc. Transport devices: Risks include ISPs and Internet backbone operators sniffing data. End-user device: Vulnerable to spyware, key loggers, shoulder surfing, and so forth. Remote server: Many uncontrollable vulnerabilities including malicious operators, break-ins resulting in stolen data, physically heisting servers, backups kept in insecure places, and much more. My gut reaction is that although the transport layer is relatively easy to protect via SSL, the risks in the other areas are much, much greater, especially at the end points. For example, at home my computer connects directly to my router; from there it goes straight to my ISPs routers and onto the Internet. I would estimate the risks at the transport level (both software and hardware) at low to non-existant. But what security does the server I'm connected to have? Have they been hacked into? Is the operator collecting usernames and passwords, knowing that most people use the same information at other websites? Likewise, has my computer been compromised by malware? Those seem like much greater risks. What do you think?

    Read the article

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 62 63 64 65 66 67 68 69 70 71 72 73  | Next Page >