Search Results

Search found 94172 results on 3767 pages for 'user password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 7/3767 | < Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >

  • SQL SERVER – Detecting guest User Permissions – guest User Access Status

    - by pinaldave
    Earlier I wrote the blog post SQL SERVER – Disable Guest Account – Serious Security Issue, and I got many comments asking questions related to the guest user. Here are the comments of Manoj: 1) How do we know if the uest user is enabled or disabled? 2) What is the default for guest user in SQL Server? Default settings for guest user When SQL Server is installed by default, the guest user is disabled for security reasons. If the guest user is not properly configured, it can create a major security issue. You can read more about this here. Identify guest user status There are multiple ways to identify guest user status: Using SQL Server Management Studio (SSMS) You can expand the database node >> Security >> Users. If you see the RED arrow pointing downward, it means that the guest user is disabled. Using sys.sysusers Here is a simple script. If you notice column dbaccess as 1, it means that the guest user is enabled and has access to the database. SELECT name, hasdbaccess FROM sys.sysusers WHERE name = 'guest' Using sys.database_principals and sys.server_permissions This script is valid in SQL Server 2005 and a later version. This is my default method recently. SELECT name, permission_name, state_desc FROM sys.database_principals dp INNER JOIN sys.server_permissions sp ON dp.principal_id = sp.grantee_principal_id WHERE name = 'guest' AND permission_name = 'CONNECT' Using sp_helprotect Just run the following stored procedure which will give you all the permissions associated with the user. sp_helprotect @username = 'guest' Disable Guest Account REVOKE CONNECT FROM guest Additionally, the guest account cannot be disabled in master and tempdb; it is always enabled. There is a special need for this. Let me ask a question back at you: In which scenario do you think this will be useful to keep the guest, and what will the additional configuration go along with the scenario? Note: Special mention to Imran Mohammed for being always there when users need help. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Query, SQL Security, SQL Server, SQL Tips and Tricks, T SQL, Technology

    Read the article

  • Exchange accidentally forwards sent mails from one User to another User's Inbox

    - by Das Butterschnitzel
    Like the Topic says: Our Exchange Server accidentally forwards sent mails from one User to another User's Inbox. The sent mails are mostly to Outbound Adresses and they where successfully delivered but all those sent Mails are accidentally forwarded into our Info Mail account. There are no Outlook rules defined and the forward routing in exchange is not used, for such things. I really don´t know the cause of the problem and i don´t know where I have to look, because I´m new to exchange...

    Read the article

  • Password Policy seems to be ignored for new Domain on Windows Server 2008 R2

    - by Earl Sven
    I have set up a new Windows Server 2008 R2 domain controller, and have attempted to configure the Default Domain Policy to permit all types of passwords. When I want to create a new user (just a normal user) in the Domain Users and Computers application, I am prevented from doing so because of password complexity/length reasons. The password policy options configured in the Default Domain Policy are not defined in the Default Domain Controllers Policy, but having run the Group Policy Modelling Wizard these settings do not appear to be set for the Domain Controllers OU, should they not be inherited from the Default Domain policy? Additionally, if I link the Default Domain policy to the Domain Controllers OU, the Group Policy Modelling Wizard indicates the expected values for complexity etc, but I still cannot create a new user with my desired password. The domain is running at the Windows Server 2008 R2 functional level. Any thoughts? Thanks! Update: Here is the "Account policy/Password policy" Section from the GPM Wizard: Policy Value Winning GPO Enforce password history 0 Passwords Remembered Default Domain Policy Maximum password age 0 days Default Domain Policy Minimum password age 0 days Default Domain Policy Minimum password length 0 characters Default Domain Policy Passwords must meet complexity Disabled Default Domain Policy These results were taken from running the GPM Wizard at the Domain Controllers OU. I have typed them out by hand as the system I am working on is standalone, this is why the table is not exactly the wording from the Wizard. Are there any other policies that could override the above? Thanks!

    Read the article

  • Is there a way to prevent password expiration when user has no password?

    - by Eric DANNIELOU
    Okay, we all care about security so users should change their passwords on a regular basis (who said passwords are like underwear?). On redhat and centos (5.x and 6.x), it's possible to make every real user password expires after 45 days, and warn them 7 days before. /etc/shadow entry then looks like : testuser:$6$m8VQ7BWU$b3UBovxC5b9p2UxLxyT0QKKgG1RoOHoap2CV7HviDJ03AUvcFTqB.yiV4Dn7Rj6LgCBsJ1.obQpaLVCx5.Sx90:15588:1:45:7::: It works very well and most users often change their passwords. Some users find it convenient not to use any password but ssh public key (and I'd like to encourage them). Then after 45 days they can't log in as they forgot their password and are asked to change it. Is there a way to prevent password expiration if and only if password is disabled? Setting testuser:!!:15588:1:45:7::: in /etc/shadow did not work : testuser is asked to change his password after 45 days. Of course, setting back password expiration to 99999 days works but : It requires extra work. Security auditors might not be happy. Is there a system wide parameter that would prompt the user to change expired password only if he really has one ?

    Read the article

  • Wake on Lan password.

    - by user18151
    I have a Windows 7 machine, with Intel 82567LM LAN Card. I am trying to enable Wake on Lan with password. Can somebody please tell me how to set the password for Wake on Lan. I shall be grateful for any pointers/links etc. Thanks. PS. Can someone please suggest a small utility for wake on lan, that supports password.

    Read the article

  • Change password via NetScreen remote

    - by Marcelo Cantos
    I'm using NetScreen remote to VPN from home. I recently changed my password at work, and now my home system keeps complaining, "Windows needs your current credentials to ensure network connectivity." I can't change the cached password for peanuts. I can't find an option in NetScreen remote to connect to the VPN before logging in, as suggested here. How do I change the cached password?

    Read the article

  • Unix Password Management Keyring

    - by Phil
    I am looking for a password manager for a command-line Unix environment. So far all I can find are keyring applications for Windows, Linux, and Mac. But no command-line Unix interfaces. My main goal is to be able to access a password keyring through an SSH connection to a machine that has no graphical user interface. If there are no good unix password keyrings out there, what would be a better way to store personal passwords in a central location?

    Read the article

  • Software to store my password on a crypted file and access it through another password

    - by Fire-Dragon-DoL
    I'm looking for a software that allows me to store some passwords in something like "a text file", access it through a password, read my passwords if required and close it again. I want something really straightforward, double click on file, right click "Add new password", add password, description and close. The file must be really secure, I'll store all my passwords there. I know about some command line solutions but I want my setup to be really fast on reading. Do someone know if such a software exist and can point me in the correct direction? I would like to find it freeware, but I'm ok with some low cost tools too.

    Read the article

  • Firefox's master password does not protect my web accounts

    - by Mehper C. Palavuzlar
    I've set up a master password in Firefox 3.6 but it's not working as I expected. I always save my passwords within Firefox for frequently visited sites like Facebook, Yahoo! mail, Gmail, Twitter etc. and this way I don't have to type in my password every time I open that site. When I open Firefox, it asks for the master password but when I click Cancel, it opens normally, and lets me directly in my Facebook page, or Yahoo! Mail page. Why doesn't it protect my accounts? This way, anyone using my computer can see my accounts and it's totally pointless for me to use this master password. How can I protect my accounts with saved passwords in Firefox?

    Read the article

  • BIOS password and hardware clock problems

    - by Slartibartfast
    I have HP 6730b lap top. I've bought it used and installed (Gentoo) linux on it. BIOS is protected with password, and guy I bought it from said "I've tweaked BIOS from Windows program, it never asked me for password". I've tried to erase password by removing battery, but it's still there. What did get erased obviously is hw clock. This is what hapends: a) I can leave lap top in January 1980 and it works b) I can correct system time, but boot wil fail with "superblock mount time in future" from where I need to manually do fsck and continue boot c) I can correct system time and sync it with hwclock -w but than it will behave as b) and it will reset BIOS time to 1.1.1980 00:00 So I need either a way to bypass a BIOS password (wich after lot of googling seems impossible),a way to persist a clock, or a setup that will enable hw clock in eighties, system clock in present time and normal boot.

    Read the article

  • Password Won't Work after Crash

    - by Jack Cornell
    My Win 7 computer locked up, so I shut it down (holding down the power button till it shut off). Logging back on, I got an error message that it couldn't load my profile (like I'm entering the wrong password). I logged on the guest account, but can't change anything because it won't accept my password. Is this a serious problem or do I just need to reset the password with one of the options available on your site?

    Read the article

  • KeePass lost password and/or corruption due to Dropbox/KeePassX

    - by GummiV
    I started using Keepass about a month ago to hold my passwords and online accounts info. Everything was stored in a single .kdb file, only protected with a password. I'm using Windows 7. Now Keepass can't open my .kdb file with the error "Invalid/wrong key". I'm fairly confident I have the right password. Altough I might have mixed up a few letters I've tried about two dozen different combinations to minimize that possibility - but can't rule it out though. My guess is however that the .kdb file got corrupted, either due to Dropbox syncing (only using it on one computer though) or because I edited the file using KeePassX on Ubuntu (dual boot on the same computer, accessing a mounted Win7 NTFS partition), or possibly a combination of both. I have tried restoring older versions(even the original one) from Dropbox and trying out all possible passwords without any luck. (which does seem to rule out KeePassX as the culprit, since oldest copies are before I edited the file from Ubuntu) I have tried opening the file with the "Repair KeePass Database file" which always gives the "0xA Invalid/corrupt file structure" (the same error for when a wrong password is typed). I was wondering if there was any way for me to salvage my hard-gathered data. I know generally that brute force cracking is not feasible, but since I can remember probably more than half of the usernames/passwords, any maybe the fact that one of them does come up fairly often (my go-to pass for trivial stuff), that might simplify the brute force process to a doable time frame. Maybe the brute-force thing might incorporate the fact that I know the password length and what characters it's made from. (If we assume corruption, not a password-blackout on my part) I could do some programming if there are any libraries or routines that I could use. Other people seem to have had a similar probem http://forums.dropbox.com/topic.php?id=6199 http://forums.dropbox.com/topic.php?id=9139 http://www.keepassx.org/forum/viewtopic.php?t=1967&f=1 So hopefully this question will become a suitible resource for people when searching the web. Feel free to tell me if you think this should rather be a community wiki.

    Read the article

  • Schedule of Password Expiration to a specific time

    - by elcool
    Is there a way in Windows Server 2003 or 2008 and in Active Directory, to specify in a policy that when a users password expires that day, to have it expire at a certain time, say 4:00am. The issue came up, because the expiration occurs during the middle of the working day, say 9:00am. Then when a user is already logged into Windows in the network, and using different applications, those will start behaving wrongly because of authentication. They have to log out and log back in, in order for Windows to ask for the new password. So, if when they log in early in the morning it would ask for the new password, then they won't have to log back out during the working day. One of the AD Admins said: "Have them check if their password will expire before starting the day".. but really, who does that? And I don't have access to an AD to check these types of policies. So, is this possible?

    Read the article

  • Password manager bug with Firefox 3.6.13

    - by Nicolas Buduroi
    I'm having trouble with the latest Firefox (3.6.13) password manager. For a website I'm working on, it doesn't fill the password field for any login credential saved. I've looked into the options "Saved passwords" list and they are all there with the correct passwords. I thought at first that the website was blocking this feature in some way, but the password managers in Chrome (on the same Windows 7 machine) and Iceweasel (in a virtual Debian 6 machine) work well. Any idea about what could cause this problem?

    Read the article

  • Firefox password manager - multiple logins for HTTP authentication

    - by pbarney
    When you're prompted to login to a site using HTTP authentication (the kind with the pop-up box requesting username/password), Firefox's password manager populates it with only the first stored password for that domain. Is there a way to have Firefox prompt for WHICH account should be used? It is unlike the normal HTML login forms in which you can just press the down arrow to select from multiple login accounts.

    Read the article

  • How to display password policy information for a user (Ubuntu)?

    - by C.W.Holeman II
    Ubuntu Documentation Ubuntu 9.04 Ubuntu Server Guide Security User Management states that there is a default minimum password length for Ubuntu: By default, Ubuntu requires a minimum password length of 4 characters Is there a command for displaying the current password policies for a user (such as the chage command displays the password expiration information for a specific user)? > sudo chage -l SomeUserName Last password change : May 13, 2010 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 This is rather than examining various places that control the policy and interpreting them since this process could contain errors. A command that reports the composed policy would be used to check the policy setting steps.

    Read the article

  • Network Password Recovery

    - by sneakyV
    I am trying to recover a password for my network. It's set up like this: a network of computers, and a central server which authenticates login-passwords entered, and is also a network share. Username looks like administrator@abc. I tried to recover the password hashes from the individual CPUs, they gave this : FAFEA8FAF0D8D61FAAD3B435B51404EE. This decodes to GAGCAU and a null hash after. This password does not work for logging in to the network. Is there a way to recover the password for the network share from a non-admin network account? Thanks in advance.

    Read the article

  • What is meant by "no password set" for root account (and otthers)?

    - by MMA
    Several years back, we were more accustomed to changing to the root account using the su command. First, we switched to the root account, and then executed those root commands. Now we are more accustomed to using the sudo command. But we know that the root account is there. We can readily find the home directory of user root. $ ls -ld /root/ drwx------ 18 root root 4096 Oct 22 17:21 /root/ Now my point is, it is stated that "the root password in Ubuntu is left unset". Please see the answers to this question. Most of the answers have something to this effect in the first paragraph. One or two answers further state that "the account is left disabled". Now my (primary) questions are, What is meant by an unset password? Is it blank? Is it null? Or something else more cryptic? How does the account becomes enabled once I set password for it? (sudo password root) In order get a better understanding, I checked the /etc/shadow file. Since I have already set a password for the root account, I can no longer see what is there (encrypted password). So, I created another account and left it disabled. The corresponding entry in the /etc/shadow file is, testpassword:!:16020:0:99999:7::: Now perhaps my above queries need to be changed to, what does an ! in password field mean? Other encrypted passwords are those very long cryptic strings. How come this encrypted form is only one character long? And does an account become disabled if I put an ! in the (encrypted) password field?

    Read the article

  • Why do some user agents have spam urls in them (and why are they always Opera/Presto User-Agents)?

    - by Erx_VB.NExT.Coder
    If you go to (say) the last 100 entries (visits) to the botsvsbrowsers.com website (exact link, feel free to take a look: http://www.botsvsbrowsers.com/recent/listings/index.html ), you'd notice that almost every User Agent that has the keywords "Opera" and "Presto" inside them, will almost certainly have a web link (URL/Web Address) inside it, and it won't just be a normal web address, but a HTML anchor tag/link to that address. Why is this so, I could not even find a single discussion about it on the internet, nowhere, I tried varying my search terms many times. If the user agent contains the words "Opera" and "Presto" it doesnt mean it will have this weblink, but it means there is about an 80% change that it will. A typical anchor tag/link inside a user agent will look like this: Mozilla/4.0 <a href="http://osis-uk.co.uk/disabled-equipment">disability equipment</a> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60 If you check it out at the website, http://www.botsvsbrowsers.com/recent/listings/index.html you will notice that the back and forward arrows are in there unescaped format. This isn't just true for botsvsbrowsers, but several other user agent listing sites. I'm really confused and feel line I'm in a room full of 10,000 people and am the only one seeing this ghost :). If I'm doing statistical analysis, should I include or exclude this type of user agent from my listing (ie: are these just normal users who've set their user agents to attempt to drive some traffic to their sites as they browser the web), or is there something else going on? The fact that it is so consistent in terms of its format leads me to believe that it is an automated process (the setting or alteration of the user agent) so I cannot decide or understand the process by which this change is made (I know how to change a user agent), but unsure which program or facility is doing this, especially since it is exclusive to Opera (Presto) user agents that are beyond I think an 8 or 9 point something browser version. I've run some statistical tests, parsing entries from all over the place, writing custom programs, to get a better understanding of this. Keep in mind that I see normal URL's in user agents infrequently, they are just text such as +http://www.someSite.com appended to a user agent normally, especially if its a crawler or bot it provided its service URL, this is normal and isnt done with an embedded link (A HREF=) etc, so I'm not talking about "those".

    Read the article

  • trying to set and use a password via commandline using ultraVNC on windows server 2003 vnc

    - by mustafa
    Okay, so I installed ultravnc on windows server 2003. It uses the ultravnc.i.i file to store password and configuration information. But I'd like to be able to set the password using the command line. There is a tool called vncpwd: http://www.sysworksoft.net/products/vncpwd.html But it's old, and when you use it to change the password, it changes the password in the system registry instead of the ultravnc.ini file. But, you can set ultravnc to use the registry instead of the ini file. Success? No. I set ultravnc to use the registry (which stores the hashed password that I set using vncpwd), but, it still uses the password in the .ini file. does anyone know what gives.

    Read the article

  • Logging in with a different password than the database password, PHPMyAdmin

    - by Andrew M
    I am trying to install PHPMyAdmin on my server to manage my MySQL databases. Right now I have only one I want to add, but I would like to be able to manage multiple databases from the same account on PHPMyAdmin. How would I configure PMA so I could login with "andrew" and a password of "examplepassword" instead of the annoyingly long and unchangeable database user and password I am provided (ie. db3483478234, password of random characters)? I can't seem to find an area to specify a different password than the regular database username and password.

    Read the article

  • Cannot change password for user postgres in postgresql

    - by dhaval
    I have made the following entry in pg_hba.conf local all all trust but still su postgres does not accept blank as password. I am not able to run psql nor pg_ctl for same reason as most of the files are owned by postgres. EDIT1 dhaval@ubuntu:~$ su -c "pg_ctl reload -D template1" Password: su: Authentication failure dhaval@ubuntu:~$ su -c psql Password: su: Authentication failure I am giving the root password above but I guess its expecting "postgres" superuser password. I dont have the same. I need to reset it. EDIt2 dhaval@ubuntu:~$ sudo -i -u postgres [sudo] password for dhaval: postgres@ubuntu:~$ psql Welcome to psql 8.3.7, the PostgreSQL interactive terminal. The above has taken me postgreSQL command prompt. But I am still not sure why the "trust" was not working.

    Read the article

  • How to let users change linux password from web browser?

    - by wag2639
    I'm not sure if this is a stackoverflow question or serverfault but here goes: I have an Ubuntu 10.04 file server (Samba/FTP/HTTP) and I would like to have the ability to give users the ability to change their password to the server using their web browser. I've written a similar script before using PHP and a mess of exec but I believe that isn't secure because it can be listened to by someone looking at the list of processes on the server. Is there some kind of plugin (PHP or Python or other) that can do this easily? I rather not use something like webmin as it's overkill for this.

    Read the article

  • Interpretation of empty User-agent

    - by Amit Agrawal
    How should I interpret a empty User-agent? I have some custom analytics code and that code has to analyze only human traffic. I have got a working list of User-agents denoting human traffic, and bot traffic, but the empty User-agent is proving to be problematic. And I am getting lots of traffic with empty user agent - 10%. Additionally - I have crafted the human traffic versus bot traffic user agent list by analyzing my current logs. As such I might be missing a lot of entries in there. Is there a well maintained list of user agents denoting bot traffic, OR the inverse a list of user agents denoting human traffic?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >