Search Results

Search found 2004 results on 81 pages for 'resetting passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 7/81 | < Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >

  • What .NET objects should I use to create a cookie based session in MVC?

    - by makerofthings7
    I'm writing a custom password reset application that uses a validation technique that doesn't fit cleanly with ASP.NET Membership Provider's challenge questions. Namely I need to invoke a workflow and collect information from the end user (backup phone number, email address) after the user logs in using a custom form. The only way I know to create a cookie-based session (without too much "innovation" on my part) is to use WIF. What other standard objects can I use with ASP.NET MVC to create an authenticated session that works with non-windows user stores? Ideally I can store "role" or claim information in the session object such as "admin", "departmentXadmin", "normalUser", or "restrictedUser" The workflow would look like this: User logs in with username and password If the username and pw are correct a (stateless) cookie based session is created The user gets redirected to a HTML form that allows them to enter their backup phone number (for SMS dual factor), or validate it if already set. The user can then change their password using the form provided The "forgot password" would look like this User requests OTP code to be sent to the phone User logs in using username and OTP If the OTP is valid and not expired then create a cookie based session and redirect to a form that allows password reset Show password reset form, and process results.

    Read the article

  • Windows Home Server Passwords Do Not Match

    - by Ben Fulton
    I have a Windows Home Server that chunks along just fine most of the time. I've never bothered to put it on a UPS and so it's vulnerable to power outages that happen a few times a year. This most recent time, it came back and seemed to be fine, but whenever I try to access a shared folder I get "Passwords do not match". They matched before the power went out, and I couldn't update the WHS password since I apparently didn't know the old one. How do I fix this? (I asked this on ServerFault and they recommended it be asked here instead)

    Read the article

  • Lost Root and other user passwords

    - by Webnet
    This isn't a huge deal, because there's very little on the server (literally a file or two) that we actually need off of it. But we disabled root logins as a security measure and can't remember any of our other user passwords. I'm assuming that there's nothing we can do at this point to get into the server? I'm sitting next to the box... Update Oops... actually, I need to export an SVN off of this server. So yeah, there's stuff I need.

    Read the article

  • How to synchronize users, passwords, hosts, etc without NIS

    - by joshxdr
    I am administering a very small solaris 2.6 network with 4 boxes total. Is it possible to use scp or similar to replace NIS for synchronizing users, groups, hosts, etc? This network is only a small part of my job and I don't want to spend too much time on it, and I am worried the setup and maintenence of NIS will not pay off. I need it to behave like a proper multi-user system, when a user logs into any machine, the users, passwords, hosts, etc. are always the same. Is there an easy way to do this with scp? Right now I copy /etc/passwd from one box to another with scp, but sometimes I make mistakes or forget a step, and scp inside of shell scripts don't seem to works so well since they require password authentication. Any recommendations would be welcome.

    Read the article

  • SASL (Postfix) authentication with MySQL and SHA1 pre-encrypted passwords

    - by webo
    I have a Rails app with the Devise authentication gem running user registration and login. I want to use the db table that Devise populates when a user registers as the table that Postfix uses to authenticate users. The table has all the fields that Postfix may want for SASL authentication except that Devise encrypts the password using SHA1 before placing it in the database. How could I go about getting Postfix/SASL to decrypt those passwords so that the user can be authenticated properly? Devise salts the password so I'm not sure if that helps. Any suggestions? I'd likely want to do something similar with Dovecot or Courier, I'm not attached to one quite yet.

    Read the article

  • Managing service passwords with Puppet

    - by Jeff Ferland
    I'm setting up my Bacula configuration in Puppet. One thing I want to do is ensure that each password field is different. My current thought is to hash the hostname with a secret value that would ensure each file daemon has a unique password and that password can be written to both the director configuration and the file server. I definitely don't want to use one universal password as that would permit anybody who might compromise one machine to get access to any machine through Bacula. Is there another way to do this other than using a hash function to generate the passwords? Clarification: This is NOT about user accounts for services. This is about the authentication tokens (to use another term) in the client / server files. Example snippet: Director { # define myself Name = <%= hostname $>-dir QueryFile = "/etc/bacula/scripts/query.sql" WorkingDirectory = "/var/lib/bacula" PidDirectory = "/var/run/bacula" Maximum Concurrent Jobs = 3 Password = "<%= somePasswordFunction =>" # Console password Messages = Daemon }

    Read the article

  • Has anyone figured out how to use same username with different passwords (Windows)

    - by Coder
    Tried Googling, tried net use, and anything I could, with no results. I have a PC with users, and I have a network server with shared folders. For some users the usernames of the share and local account match, but the passwords are different (a good security practice). Unfortunately, Windows doesn't want to remap the drives on login, and asks for credentials when I try to connect. If I enter the password, the connection succeeds, but it still fails on next login, even if I have checked the "remember" checkbox. On PC: usera@machinea pass1 On NAS: usera@nas pass2 net use z: \\nasip\usera /user:nasip\usera pass2 /persistent:yes Credential store seems to have the user credentials stored... But the mapping fails all the time.

    Read the article

  • Windows Home Server Passwords Do Not Match [closed]

    - by Ben Fulton
    I have a Windows Home Server that chunks along just fine most of the time. I've never bothered to put it on a GPS and so it's vulnerable to power outages that happen a few times a year. This most recent time, it came back and seemed to be fine, but whenever I try to access a shared folder I get "Passwords do not match". They matched before the power went out, and I couldn't update the WHS password since I apparently didn't know the old one. How do I fix this?

    Read the article

  • Facebook - Isn't this a big vulnerability risk for users? (After Password Change)

    - by Trufa
    I would like to know you opinions as programmers / developers. When I changed my Facebook password yesterday, by mistake I entered the old one and got this: Am I missing something here or this is a big potencial risk for users. In my opinion this is a problem BECAUSE it is FaceBook and is used by, well, everyone and the latest statistics show that 76.3% of the users are idiots [source:me], that is more that 3/4!! All kidding aside: Isn't this useful information for an attacker? It reveals private information about the user! It could help the attacker gain access to another site in which the user used the same password Granted, you should't use use the same password twice (but remember: 76.3%!!!) Doesn't this simply increase the surface area for attackers? It increases the chances of getting useful information at least. In a site like Facebook 1st choice for hackers and (bad) people interested in valued personal information shouldn't anything increasing the chance of a vulnerability be removed? Am I missing something? Am I being paranoid? Will 76.3% of the accounts will be hacked after this post? Thanks in advance!! BTW if you want to try it out, a dummy account: user: [email protected] (old) password: hunter2

    Read the article

  • Is an 'if password == XXXXXXX' enough for minimum security?

    - by Prof Plum
    If I create a login for an app that has middle to low security risk (in other words, its not a banking app or anything), is it acceptable for me to verify a password entered by the user by just saying something like: if(enteredPassword == verifiedPassword) SendToRestrictedArea(); else DisplayPasswordUnknownMessage(); It seems to easy to be effective, but I certainly would not mind if that was all that was required. Is a simple check on username/password combo enough? Update: The particular project happens to be a web service, the verification is entirely server side, and it is not open-source. Does the domain change how you would deal with this?

    Read the article

  • How to refuse to give an access to passwords to a customer without being unprofessional or rude?

    - by MainMa
    Let's say you're creating a website for a customer. This website has its own registration (either combined with OpenID or not). The customer asks you to be able to see the passwords the users are choosing, given that the users will probably be using the same password on every website. In general, I say: either that it is impossible to retrieve the passwords, since they are not stored in plain text, but hashed, or that I have no right to do that or that administrators must not be able to see the passwords of users, without giving any additional details. The first one is false: even if the passwords are hashed, it is still possible to catch and store them on each logon (for example doing a strange sort of audit which will remember not only which user succeeded or failed to logon, but also with which password). The second one is rude. How to refuse this request, without being either unprofessional or rude?

    Read the article

  • Group Policy for Setting Passwords: Server 2003 Domain

    - by user1236435
    In my 2003 domain, I am being requested to set a password policy to require passwords to expire every 4 months, and also require users to change their password on their next login, due to a security issue. In my domain, my OU's are setup by location, then drilled down to city, then the users and computers are in separate sub-domains. My question is, how do I set this up for my domain? Will I need to set the policy up for loop back? Can I configure this for just a specific OU? Any suggestions on how to move forward? Any advise is much appreciated, and thanks in advance!

    Read the article

  • Managing client passwords

    - by HurkNburkS
    I am just starting up a small website development business and one of the issues I am having is remembering passwords and account information for clients hosting, cpanel, ftp accounts etc. I was wondering what is the most suitable system / industry standard for controlling such information? Pretty marginal on the close there... I read the FAQ and I felt list this could be a common issue for webmasters, its defiantly not a coding questions so stackoverflow is out of the question and its not a broad question its focused on one particular aspect of being a webmaster.

    Read the article

  • Issue with resetting auto increment from default to big number

    - by Sai Srikanth
    I have a MySQL table naming Invoice for a Inventory Monitoring site, invoice_number is bigint(19) AUTO_INCREMENT field. Currently AUTO_INCREMENT value is 1. Client want it to start the invoice_number from 50000. With the following script reset the ALTER TABLE INVOICES AUTO_INCREMENT = 50000; When I wrote an Insert Script to insert data in SQLDBX, it is putting the invoice_number from 50000. But when i am trying to do insert a record using the application(web application), the invoice_number value is starting from 1. We are making use of Spring-JDBC template to insert data into mysql database.

    Read the article

  • Apache keeps resetting while testing on localhost...

    - by Scott
    Hello everyone. I'm getting errors while testing web pages on localhost. I'm running Windows 7 64-bit. I'm not using Wamp or Xampp. This is what the error.log tells me (I've highlighted the errors in question): [Sat Mar 06 05:10:55 2010] [notice] Apache/2.2.14 (Win32) PHP/5.2.13 configured -- resuming normal operations [Sat Mar 06 05:10:55 2010] [notice] Server built: Sep 28 2009 22:41:08 [Sat Mar 06 05:10:55 2010] [notice] Parent: Created child process 6588 httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName [Sat Mar 06 05:10:55 2010] [notice] Child 6588: Child process is running [Sat Mar 06 05:10:55 2010] [notice] Child 6588: Acquired the start mutex. [Sat Mar 06 05:10:55 2010] [notice] Child 6588: Starting 1000 worker threads. [Sat Mar 06 05:10:55 2010] [notice] Child 6588: Starting thread to listen on port 80. Any input would be greatly appreciated. Thanks.

    Read the article

  • Computer resetting semi-randomly

    - by Peter
    Hi, I'm having a problem with my desktop whereby it sometimes resets itself semi-randomly. For example, I'll switch it on, it'll boot an OS and shortly after getting to the desktop it will immediately reset with no warning. The time isn't consistent - sometimes it does it before reaching login. I'm pretty sure it's not an OS thing; have tried Ubuntu and a Windows install and both exhibit it. It also doesn't appear to be heat-related because sometimes it appears to be able to "get past" it and will then run stably even under load; if anything it seems to be worse from a cold start. My gut feeling is some kind of power issue but I'm clutching at straws a little. Any suggestions on how I could go about testing it or trying to narrow the problem down would be appreciated. The machine is four years old now so while I can replace components if needed, it's not worth enough that I'm comfortable buying new parts without being pretty confident that they'll fix the problem. Thanks in advance for any help :) Edit: Okay, the motherboard is a MSI K8N SLI; CPU is an Athlon64 X2 4200+. Has one video card, a GeForce 7800GT. 1GB RAM, not sure of brand; 3 hard drives, two SATA and one PATA. Flashed motherboard to latest BIOS some time ago. Edit the Second: I thought I'd narrowed it down to the PSU for a while, but then it recurred again. I ended up pulling everything out but CPU, RAM and motherboard and it still seems to be stuffed (if anything, it's gotten worse in the last couple of days). I assume it's one of those three components, but the machine is old enough that I don't really want to spend money replacing any of them. So thanks for everyone's suggestions; much appreciated!

    Read the article

  • Resetting Mac OS X administrator password without a disk

    - by Simon Sheehan
    I'm currently in possession of an eMac G4 running OS X 10.4. I went to install some software, and found I didn't actually have the password. No one seems to know it, and it's not written down anywhere. These were purchased by the school many years ago and are not really maintained, since people just used Garageband mostly. I went to look for the restore disk, and its nowhere to be found. How can I reset the password without a disk?

    Read the article

  • How do you stop an FTP Service resetting?

    - by Jenski
    While using an FTP service through the command line, I try to retrieve a directory listing. I get: ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for file list. > ftp: get :Connection reset by peer Any ideas how I should go about resolving this problem? Thanks in advance.

    Read the article

  • Resetting root password on Fedora Core 3 - serial cable access only

    - by Sensible Eddie
    A little background: We have an old rackmount server running a customised version of Fedora, manufactured by a company called Navaho. The server is a TeamCAT, running some proprietary rubbish called Freedom2. We have to keep it going - the alternative is extraordinarily expensive, and the business is not likely to be running much longer to justify changing things. Through one means or another, it has fallen upon me to try and resolve our lack of root access. The previous admin has fallen under the proverbial bus, and nobody has any clue. We have no access to the root account for this server. ssh is running on the server, and there is one account admin that we can login with, however it has no permission to do anything (ironic...) The only other way into the server is with a null-modem serial cable. This works... up to a point. I can see the BIOS, I can see the post BIOS screen, and then I see "Starting grub", followed by another screen with about four lines of Linux information, but then it stops at that point. The server continues booting, and all services come online after around two minutes, but the serial terminal displays no more information. I understand it is possible to put Linux into "single user mode" to reset a root password, but I have no idea how to do this beyond trying to interrupt it at the grub stage listed above. When I have tried it just froze. It was almost like grub had appeared (since the server did not continue booting) but I couldn't see it on the serial terminal. Which made me think maybe the grub screen has some different serial settings? I don't know... it's the first time I've ever used serial for access! A friend of mine suggested trying to use a Fedora boot CD. We could boot from USB, so something along this approach is possible but again we still can only see what's going on with the serial terminal, so it might not be achievable. Does anyone have any suggestions for things I can try? I appreciate this is a bit of a long shot, but any assistance would be invaluable. *UPDATE 1 - 28/8/12 * - we will be making some attempts on this today and will post further details later!

    Read the article

  • Resetting default Input Method in Mac OS 10.6

    - by Tim Visher
    I'm a Dvorak guy. I recently installed a new machine at the inlaws who are not Dvorak people. I stupidly selected Dvorak as my Input Method of choice while installing OS X. Now, all of the users I created default to Dvorak and need to go through the manual process of removing Dvorak as their Input Method of choice and instead choosing U.S. I have no idea how far reaching the implications might be. Could be that any time another user is added they will default to Dvorak. Right now, I'd like to set the default back to U.S. How can I do that? Behaviors I'm looking for include that when the Input Menu is not shown at the Login Screen, U.S. is the keyboard layout. Any future users created should default to U.S. with no Input Menu in the menu bar. Any users created already should have their default layout be U.S. Thanks in advance!

    Read the article

  • My laptop keeps hard resetting

    - by cgoddard
    I have had this laptop for a long time (five years at least) and it hasn't had the best treatment over the years. But over the last few months, it has been randomly completely shutting down, no blue screening, no steady shutdown, just black screen, then BIOS. I think it might be happening as I do a save, but cant be sure, but recently it has been getting very annoying. I did initially think it was an overheating issue, but the speed that it comes back online is staggeringly fast for it to have cooled down sufficiently. plus it has got incredibly hot before with no issue (since its been doing this). Does anyone know what might be going on? Dell Inspiron 640m, running Windows 7.

    Read the article

  • What is a plain text password and why can it be decypted?

    - by Misha
    I was trying to understand the level of security offered by Windows picture passwords and ran across this claim on this website. Some of our password recovery utilities already implement Windows 8 plain-text password decryption. The upcoming release of Windows Password Recovery is expected to have a full-fledged Vault analyzer and offline decoder. I'm trying to understand what a plain text password is and if it is the default kind of password when I add a password to my account. My head is a bit muddled on this one so any clarification can help. It seems there are passwords that can be decrypted and those that can't. What can be decrypted? Is the password I enter in Windows exposed?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >