Search Results

Search found 1522 results on 61 pages for 'passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 8/61 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Suggestions for library to hash passwords in JAVA

    - by DutrowLLC
    What JAVA library should I be using to Hash passwords for storage in a database? I was hoping to just take the plain text password, add a random salt, then store the salt and the hashed password in the database. Then when a user wanted to log in, I could just take their submitted password, add the random salt from their account information, hash it and see if it equates to the stored hash password with their account information.

    Read the article

  • storing original password text

    - by Richard
    My application stores external website login/passwords for interaction with them. To interact with these website I need to use the original password text, so storing just the hash in my database is not going to work. How should I store these passwords?

    Read the article

  • Encrypt hashed passwords?

    - by Industrial
    Hi everyone, Is it common sense to encrypt hashed&salted passwords that are stored in a database with a strong encryption (AES 192 or so) or are we just aiming for the stars? Of course, the encryption key will not be in the database itself, but will be kept at a safe place. Thanks a lot!

    Read the article

  • What is the best tool to sync browser passwords and bookmarks?

    - by jgbelacqua
    Sadly, everything I've tried so far has been painful to manage between two computers, (even between different browsers on the same computer). So, right now I have different aggregations of bookmarks passwords in xmarks, delicious, google bookmarks, firefox sync, text files, and in figaro password manager (fpm2). I've also tried to use bindwood in the past. What I would like to do is merge all bookmarks and passwords into some solution that actually works either with tools available under Ubuntu, or with a browser-based tool (addon/plugin/extension) which works between between google-chrome/chromium, and firefox. It would be ideal if there was an ability to send and store passwords encrypted (if not on my own server). Whatever the method, I need the ability to have import from existing sources. (It doesn't have to be pretty, just repeatable.) It's possible that some things I've ruled out are now workable (e.g., xmarks broke for me at one point because I hit their bookmark limit for the server/account, and bindwood, firefox sync were firefox only).

    Read the article

  • Ubuntu: How to login without entering username and password

    - by torbengb
    I'm a newbie running Ubuntu 9.10. I have two users (wife and me), and each user's screensaver is set to lock so that on wakeup, we get to choose which user's desktop to go to. However, Ubuntu requires a password, so this is pretty tedious. I'd like to switch users without entering any password. I know about this trick that works for the boot login, but it doesn't deal with multiple users. Is it possible to set empty passwords for users in Ubuntu, or skip the password in other ways? (I'm expecting real Linux users to suggest that passwordless users must not get any rights and there be an admin user with a strong password. Yes, you're right. But that's not what this question is about. Thanks.)

    Read the article

  • How to switch users without entering password

    - by torbengb
    I'm a newbie running Ubuntu 9.10. I have two users (wife and me), and each user's screensaver is set to lock so that on wakeup, we get to choose which user's desktop to go to. However, Ubuntu requires a password, so this is pretty tedious. I'd like to switch users without entering any password. I know about this trick that works for the boot login, but it doesn't deal with multiple users. Is it possible to set empty passwords for users in Ubuntu, or skip the password in other ways? (I'm expecting real Linux users to suggest that passwordless users must not get any rights and there be an admin user with a strong password. Yes, you're right. But that's not what this question is about. Thanks.)

    Read the article

  • Force a Windows 7 user to change password when it has expired

    - by Joshua King
    Is it possible to force users (on Windows 7 PCs) to change their password once it has expired? Currently our users get notifications that their passwords will expire in 7, 3, 2 and 1 days but once the password has expired they are still able to log into their machines with the expired password. Most of our users ignore the warnings and don't change their password until we tell them they have to (when they ring Help Desk asking why their email and intranet isn't working). From memory, Windows XP machines would show a message at login that the password had expired and then offer the change password screen. Is it possible to do the same thing under Win7? Similar to how if you set a user's account to "must change password at next login" it gives the change password screen automatically.

    Read the article

  • alternatives to roboform

    - by ldigas
    Yes, I know there is already a few similar questions. Is there an alternative to RoboForm (which for some reason makes my FF very slow, because of some other extensions) which has the same way of working. What I mean, you click on ... and it opens a new tab with the page in question, and logs on to it (so no databases, and such ...). One other advantage would be if it kept passwords locally. Basically, I'm looking for RoboForm other than RoboForm. Anyone knows of any ?

    Read the article

  • Resetting Windows 8 password

    - by Jonathan
    Hello does anyone know of a way to remove or reset windows passwords in windows 8. Without logging in to windows first. In Windows 7 I used Hirens but it is not working for Windows 8. - I am talking about local user account password not Microsoft online accounts like @hotmail.com or domain accounts those can be reset. The scenario is a computer running Windows 8 with a local only user and the client forgot the password to the only active account. Is there a way to remove or reset that password?

    Read the article

  • My gmail password hacked in Firefox?

    - by ellockie
    While writing a message using Firefox suddenly my gmail login details, including password, were pasted into the body of my message at the current cursor position and in the browser's find field (whole password and a bit of email address in the latter). I don't store my passwords in the browser nor in any of it's addons, although I keep it in one of Chrome's extensions. I don't use whole email address to login, only the user name, so it's very strange and worrying. I must admit I clicked some suspicious link the same day (by checking the root of the domain first), but I quickly closed that page and after that I haven't used that password. Both Avira and Spybot didn't detect anything. What was it and what can I do to make sure my browser is safe?

    Read the article

  • How to login without entering username and password

    - by torbengb
    I'm a newbie running Ubuntu 9.10. I have two users (wife and me), and each user's screensaver is set to lock so that on wakeup, we get to choose which user's desktop to go to. However, Ubuntu requires a password, so this is pretty tedious. I'd like to switch users without entering any password. I know about this trick that works for the boot login, but it doesn't deal with multiple users. Is it possible to set empty passwords for users in Ubuntu, or skip the password in other ways? (I'm expecting real Linux users to suggest that passwordless users must not get any rights and there be an admin user with a strong password. Yes, you're right. But that's not what this question is about. Thanks.)

    Read the article

  • Custom Rule Sets in JohnTheRipper

    - by user854619
    I'm trying to create a custom rule set to do hash cracking. I have a SHA1 hash and a rule set that was enforced to create the password. The password must be of the form, 6-8 characters Every other letter changes case Password "shifts" characters at least one degree and at most three One odd number and one even number are at the beginning of the password One special character and one punctuation character are appended to the end of the password How can I defined a brute force attack in JohnTheRipper or similar hash cracking program? I've also attempted to write code to generate a wordlist of possible passwords, with no success. Thanks!

    Read the article

  • Get into the router setting without knowing the password [on hold]

    - by Aron
    So my father has changed the router passwords, and programed the router to turn my wifi connection off automaticly at some times, for example at night. I wanted to know if there is any way I can trick this feature? Can i change my ip in some way, the router won't recognize my ip, so my new ip would have internet connection? Is it any way i can get into the router settings and turn that feature off without knowing the router password? Would be happy if I could get replies as soon as possible!

    Read the article

  • Cross-platform centralized desktop password manager

    - by Dave
    I have been using KeePass as a desktop password manager on Windows for many years. Love it! However, I am now needing to work on different platforms much of my day (Windows 7, Windows XP, Mac OS X, Ubuntu, and OpenSUSE.) I'm looking for a password manager I can share across all these platforms. My ideal solution would: Run natively (not in a virtual machine) on all platforms. Store the "official" copy of the password data on a local network so I can get to it from any and all machines. It is OK if it locks (or becomes read-only) when one client is accessing it. Keep a local cached copy (read-only is fine) so I can still get to my passwords when disconnected from the network. Does any such beast exist?

    Read the article

  • Div click and AUTOCOMPLETE password dialog problem

    - by ticky
    And what if you want to autocomplete passwords? I am using similar thing here... I am using Div (id=loginButton) and it has some image - I don't want button control in MVC application (), neither image button. I have hidden input control which is hidden button actually (id=submit_btn). So, on div's (id=loginButton) click, I want to call hidden input control (id=submit_btn) and it's submit action. HTML: <div id="loginButton" > </div> <input type="submit" style="display:none" name="submit" id="submit_btn" /> And JQuery: $(document).ready(function() { $('#loginButton').click(function() { $('#LoginForm').submit(); }); $("form[action$='HandleLoginForm']").submit(function() { Login(); return false; }); return false; }); Function Login() is working with Ajax, without downloading file dialog, but I need also auto complete passwords dialog. function Login() { var urlData = $("#LoginForm").serialize(); if (returnUrl != "") { urlData = $("#LoginForm").serialize() + "&returnUrl=" + returnUrl; } $.ajax({ url: $("#LoginForm").attr("action"), type: "POST", data: urlData, dataType: "json", success: function(result) { if (result.Content != null) { if (result.Valid) { window.location = result.Content.toString(); } else { document.body.innerHTML = result.Content.toString(); } } } }); return false; } It is easy when you use only <input type="submit"> instead of DIV. Form knows that it is for auto completing passwords, but if I use div and force hidden button click like in the code from below, it doesn't show autocomplete password dialog. $('#submit_btn').click(); It will not work. User is logged in, but no reminding for browser to store password. I need this.

    Read the article

  • Microsoft.Web.Administration.ServerManager can't read config sections containing encrypted passwords

    - by Dylan Beattie
    I have some sites in IIS7 that are configured to run as domain users (MYDOMAIN\someuser). I'm using the Microsoft.Web.Administration namespace to scan my server configuration, but it's throwing an exception when I hit one of these "impersonator" sites: using (ServerManager sm = new ServerManager()) { foreach (Site site in sm.Sites) { foreach (Application app in site.Applications.Reverse()) { foreach (VirtualDirectory vdir in app.VirtualDirectories.Reverse()) { var config = app.GetWebConfiguration(); foreach (var locationPath in config.GetLocationPaths()) { // error occurs in GetLocationPaths() } } } } } The actual error message is: COMException was unhandled Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config Line number: 279 Error: Failed to decrypt attribute 'password' because the keyset does not exist It appears that IIS is storing the MYDOMAIN\someuser password encrypted in applicationHost.config, which is great in terms of security - but I have no idea how to get the ServerManager to decrypt this. Any tips on how I can either allow ServerManager to decrypt this, or just tell IIS to store the passwords in plain text? This is on IIS7 under Windows 7 RC, by the way.

    Read the article

  • Microsoft.Web.Administration.ServerManager can't read config sections containing encrypted passwords in applicationHost.config

    - by Dylan Beattie
    I have some sites in IIS7 that are configured to run as domain users (MYDOMAIN\someuser). I'm using the Microsoft.Web.Administration namespace to scan my server configuration, but it's throwing an exception when I hit one of these "impersonator" sites: using (ServerManager sm = new ServerManager()) { foreach (Site site in sm.Sites) { foreach (Application app in site.Applications.Reverse()) { foreach (VirtualDirectory vdir in app.VirtualDirectories.Reverse()) { var config = app.GetWebConfiguration(); foreach (var locationPath in config.GetLocationPaths()) { // error occurs in GetLocationPaths() } } } } } The actual error message is: COMException was unhandled Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config Line number: 279 Error: Failed to decrypt attribute 'password' because the keyset does not exist It appears that IIS is storing the MYDOMAIN\someuser password encrypted in applicationHost.config, which is great in terms of security - but I have no idea how to get the ServerManager to decrypt this. Any tips on how I can either allow ServerManager to decrypt this, or just tell IIS to store the passwords in plain text? This is on IIS7 under Windows 7 RC, by the way.

    Read the article

  • how to store passwords in database?

    - by rgksugan
    I use jsp and servlets in my web application. i need to store passwords in the database. I found that hashing will be the best way to do that. I used this code to do it. java.security.MessageDigest d = null; d = java.security.MessageDigest.getInstance("SHA-1"); d.reset(); d.update(pass.getBytes("UTF-8")); byte b[] = d.digest(); String tmp = (new BASE64Encoder()).encode(b); When i tried to print the value of tmp, i get some other value.i guess its the hash value of the password. But when i persist this data to the database the original password gets saved there other than the value in tmp.. What is the problem???

    Read the article

  • authentication of webapps when passwords are hashed with bcrypt

    - by dubreakkk
    I created a GWT project which requires authentication. Initially, the users' passwords were in plain text, but now I would like to hash them with BCrypt. I searched but I cannot find a place describing how to make Jetty authenticate against a BCrypt hashed password. I'm sending the password to the server using a FORM in plain text and over SSL. What do I need to do to make Jetty hash this password and compare it to the one in the database? Thank you;

    Read the article

  • Security issues in accepting passwords vs auto generating the password

    - by Vivekanand Poojari
    Hi, I am developing a console application. This application generates a self signed certificate and installs it in the current machine's certificate store. The steps invlolved are :- Generate a certificate Create a pfx file Install the pfx file For these steps i would need a password for protecting the private key and the pfx file. However these passwords are used only during the execution of the exe. Should I auto generate a password using some random number generation algorithm or accept the password as input from the user? What are the security issues involved in both the scenarios ? Thanks Vivekanand

    Read the article

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • Can I get all active directory passwords in clear text using reversible encryption?

    - by christian123
    EDIT: Can anybody actually answer the question? Thanks, I don't need no audit trail, I WILL know all the passwords and users can't change them and I will continue to do so. This is not for hacking! We recently migrated away from a old and rusty Linux/Samba domain to an active directory. We had a custom little interface to manage accounts there. It always stored the passwords of all users and all service accounts in cleartext in a secure location (Of course, many of you will certainly not think of this a being secure, but without real exploits nobody could read that) and disabled password changing on the samba domain controller. In addition, no user can ever select his own passwords, we create them using pwgen. We don't change them every 40 days or so, but only every 2 years to reward employees for really learning them and NOT writing them down. We need the passwords to e.g. go into user accounts and modify settings that are too complicated for group policies or to help users. These might certainly be controversial policies, but I want to continue them on AD. Now I save new accounts and their PWGEN-generated (pwgen creates nice sounding random words with nice amounts of vowels, consonants and numbers) manually into the old text-file that the old scripts used to maintain automatically. How can I get this functionality back in AD? I see that there is "reversible encryption" in AD accounts, probably for challenge response authentication systems that need the cleartext password stored on the server. Is there a script that displays all these passwords? That would be great. (Again: I trust my DC not to be compromised.) Or can I have a plugin into AD users&computers that gets a notification of every new password and stores it into a file? On clients that is possible with GINA-dlls, they can get notified about passwords and get the cleartext.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >