Search Results

Search found 1522 results on 61 pages for 'passwords'.

Page 9/61 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Help decrypting in ColdFusion passwords created in .NET

    - by KnightStalker
    I have a SQL db storing passwords that were encrypted through a .NET application, that I need to decrypt through a ColdFusion app. I just can't seem to get things set upproperly for the CF decryption to work. Any help would by appreciated. Thanks. The .NET decryption code is: public string Decrypt(string input) { try { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); int ZeroBasedByteCount = (input.Length / 2); //Put the input string into the byte array byte[] inputByteArray = new byte[ZeroBasedByteCount]; int i; int x; for (x = 0;x<ZeroBasedByteCount;x++) { i = (Convert.ToInt32(input.Substring(x * 2, 2), 16)); inputByteArray[x] = (byte)i; } //Create the crypto objects des.Key = ASCIIEncoding.ASCII.GetBytes(key); des.IV = ASCIIEncoding.ASCII.GetBytes(key); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); //Flush the data through the crypto stream into the memory stream cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //Get the decrypted data back from the memory stream StringBuilder ret = new StringBuilder(); foreach(byte b in ms.ToArray()) { ret.Append((char)b); } return ret.ToString(); } catch(Exception ex) { throw(ex); return null; } }

    Read the article

  • does it make sense to send password information during email communication from websites

    - by Samuel
    Most of the online sites on registration do send a link to activate the site and on any further correspondence with the end user they provide information about the site and also provide the login credentials with password in clear text (as given below) Username - [email protected] Password - mysecretpassword What would you do in such a case? From a usability perspective does it make sense to send the password information in clear text or should you just avoid sending this information. I was under the impression that most of the passwords are MD5 hashed before storing in the database and hence the service provider will not have any access to clear text passwords, is this a security violation?

    Read the article

  • Password generation, best practice

    - by Aidan
    I need to generate some passwords, I want to avoid characters that can be confused for each other. Is there a definitive list of characters I should avoid? my current list is il10o8B3Evu![]{} Are there any other pairs of characters that are easy to confuse? for special characters I was going to limit myself to those under the number keys, though I know that this differs depending on your keyboards nationality! As a rider question, I would like my passwords to be 'wordlike'do you have a favoured algorithm for that? Thanks :)

    Read the article

  • MS Securily Essentials efficiency / usage, suspicious processes

    - by biggvsdiccvs
    I recently noticed that my (originally pretty fast) Windows 7 Pro laptop started getting slow and using a lot of CPU power for no apparent reason. A full scan by Microsoft Security Essentials revealed nothing. After some investigation, I found multiple instances of a strange process called urpev.exe and a couple of similar exe files sitting in subdirectories of Users//AppData/Roaming (this particular one was in a folder called Xyceowme). Description: "Mescrosift Visaal Studie 2010". Company name: "Mesrosift Corporatien". Is it a virus or something? :) Now, all of these exe files were scheduled to be started from the Task Scheduler by tasks with names like "Security Center Update - 1291373911" and similar. My user name was listed as the author of the tasks. I disabled the tasks, restarted the computer in safe mode and moved all of the exe files to quarantine for further investigation. All of this was done last night. I just scanned the files with Security Essentials again (not updated since yesterday) in the quarantine location and this time it found PWS:Win32/Zbot.gen!plock in urpev.exe (but not in the other exe files, which are most likely viruses, too). Category: Password Stealer Description: This program is dangerous and captures user passwords. Another strange process is browser.exe (not chrome.exe) by Google Inc., described as Google Chrome. I uninstalled Chrome but it's still there. It runs out of Users\\AppData\LocalLow\UIVoice\ToolMedium\browser.exe and if I move it in safe mode, it just reappears there, and multiple instances run. Needless to say, it I kill it, it just runs again. Couldn't see anything in Task Scheduler, but found a couple of references to it in the Registry Editor: HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/LowRegistry/Audio/PolicyConfig/PropertyStore/ HKEY_USERS/S-1-5-21-1685709306-872053864-2599010960-1002/Software/Microsoft/Internet Explorer/LowRegistry/Audio/PolicyConfig/PropertyStore/ Maybe it's a legit process, but seems kind of strange. For the time being, I suspended the process and killed all of the child processes when I booted up the laptop. I used Security Essentials to scan the system periodically, but obviously it's not effective at least against one virus. I had the "real-time protection" turned off. Would it help if it were turned on and how much of a nuisance would it be? I wonder if there is a better alternative to Security Essentials. Over the years I've used multiple antivirus products at home and especially at work and was not very happy with any of them. Apparently, asking for software recommendations or comparisons is taboo here, but I will mention that I installed Malware Bytes and it was able to find an quarantine a bunch of suspicious files, and at least some of which were truly infected, but when it scans the bogus security center update executables from Mesrosift Corporatien, it finds nothing wrong. Also, any thoughts on the browser.exe mystery? Neither MS Security Essentials nor Malware Bytes found anything wrong with that file. However, after I ran a Malware Bytes scan and quarantined everything it found suspicious and rebooted the laptop, the process did not run.

    Read the article

  • Java, LDAP: Make it not ignore blank passwords?

    - by Steve
    I'm maintaining some legacy Java LDAP code. I know next to nothing about LDAP. The program below basically just sends the userid and password to the LDAP server, receives notification back if the credentials are good. If so, it prints out the LDAP attributes received from the LDAP server, if not it prints out an exception. All works well if a bad password is given. An "invalid credentials" exception gets thrown. However, if a blank password is sent to the LDAP Server, authentication will still happen, LDAP attributes will still be returned. Is this unhappy situation due to the LDAP server allowing blank passwords, or does the code below need to be adjusted such a blank password will get fed to the LDAP server in such a way so it will get rejected? I do have data validation in place. I took it off in a testing environment to solve another issue and noticed this problem. I would prefer not to have this problem underneath the data validation. Thanks much in advance for any information import javax.naming.*; import javax.naming.directory.*; import java.util.*; import java.sql.*; public class LDAPTEST { public static void main(String args[]) { String lcf = "com.sun.jndi.ldap.LdapCtxFactory"; String ldapurl = "ldaps://ldap-cit.smew.acme.com:636/o=acme.com"; String loginid = "George.Jetson"; String password = ""; DirContext ctx = null; Hashtable env = new Hashtable(); Attributes attr = null; Attributes resultsAttrs = null; SearchResult result = null; NamingEnumeration results = null; int iResults = 0; int iAttributes = 0; env.put(Context.INITIAL_CONTEXT_FACTORY, lcf); env.put(Context.PROVIDER_URL, ldapurl); env.put(Context.SECURITY_PROTOCOL, "ssl"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, "uid=" + loginid + ",ou=People,o=acme.com"); env.put(Context.SECURITY_CREDENTIALS, password); try { ctx = new InitialDirContext(env); attr = new BasicAttributes(true); attr.put(new BasicAttribute("uid",loginid)); results = ctx.search("ou=People",attr); while (results.hasMore()) { result = (SearchResult)results.next(); resultsAttrs = result.getAttributes(); for (NamingEnumeration enumAttributes = resultsAttrs.getAll(); enumAttributes.hasMore();) { Attribute a = (Attribute)enumAttributes.next(); System.out.println("attribute: " + a.getID() + " : " + a.get().toString()); iAttributes++; }// end for loop iResults++; }// end while loop System.out.println("Records == " + iResults + " Attributes: " + iAttributes); }// end try catch (Exception e) { e.printStackTrace(); } }// end function main() }// end class LDAPTEST

    Read the article

  • iPhone SQLite Password Field Encryption

    - by Louis Russell
    Good Afternoon Guys and Girls, Hopefully this will be a quick and easy question. I am building an App that requires the user to input their login details for an online service that it links to. Multiple login details can be added and saved as the user may have several accounts that they would like to switch between. These details will be stored in an SQLite database and will contain their passwords. Now the questions are: 1: Should these passwords be encrypted in the database? My instinct would say yes but then I do not know how secure the device and system is and if this is necessary. 2: If they should be encrypted what should I use? I think encrypting the whole database file sounds a bit over-kill so should I just encrypt the password before saving it to the database? If this is case what could I use to achieve this? I have found reference to a "crypt(3)" but am having trouble finding much about it or how to implement it. I eagerly await your replies!

    Read the article

  • Password Cracking in 2010 and Beyond

    - by mttr
    I have looked a bit into cryptography and related matters during the last couple of days and am pretty confused by now. I have a question about password strength and am hoping that someone can clear up my confusion by sharing how they think through the following questions. I am becoming obsessed about these things, but need to spend my time otherwise :-) Let's assume we have an eight-digit password that consists of upper and lower-case alphabetic characters, numbers and common symbols. This means we have 8^96 ~= 7.2 quadrillion different possible passwords. As I understand there are at least two approaches to breaking this password. One is to try a brute-force attack where we try to guess each possible combination of characters. How many passwords can modern processors (in 2010, Core i7 Extreme for eg) guess per second (how many instructions does a single password guess take and why)? My guess would be that it takes a modern processor in the order of years to break such a password. Another approach would consist of obtaining a hash of my password as stored by operating systems and then search for collisions. Depending on the type of hash used, we might get the password a lot quicker than by the bruteforce attack. A number of questions about this: Is the assertion in the above sentence correct? How do I think about the time it takes to find collisions for MD4, MD5, etc. hashes? Where does my Snow Leopard store my password hash and what hashing algorithm does it use? And finally, regardless of the strength of file encryption using AES-128/256, the weak link is still my en/decryption password used. Even if breaking the ciphered text would take longer than the lifetime of the universe, a brute-force attack on my de/encryption password (guess password, then try to decrypt file, try next password...), might succeed a lot earlier than the end of the universe. Is that correct? I would be very grateful, if people could have mercy on me and help me think through these probably simple questions, so that I can get back to work.

    Read the article

  • Python-based password tracker (or dictionary)

    - by Arrieta
    Hello: Where we work we need to remember about 10 long passwords which need to change every so often. I would like to create a utility which can potentially save these passwords in an encrypted file so that we can keep track of them. I can think of some sort of dictionary passwd = {'host1':'pass1', 'host2':'pass2'}, etc, but I don't know what to do about encryption (absolutely zero experience in the topic). So, my question is really two questions: Is there a Linux-based utility which lets you do that? If you were to program it in Python, how would you go about it? A perk of approach two, would be for the software to update the ssh public keys after the password has been changed (you know the pain of updating ~15 tokens once you change your password). As it can be expected, I have zero control over the actual network configuration and the management of scp keys. I can only hope to provide a simple utility to me an my very few coworkers so that, if we need to, we can retrieve a password on demand. Cheers.

    Read the article

  • Setting bluetooth passcode on a HP Notebook

    - by Glenn Slaven
    I've got a HP Compaq nx6320 & I just installed the HP bluetooth drivers (WinXP) and I'm trying to pair my Samsung Windows Mobile phone with it, but when I do, the phone asks me to enter the passcode for the computer, but I never set one in the install process & I've got no idea how to set it now. Does anyone know where this option is?

    Read the article

  • Bypass BIOS password set by faulty Toshiba firmware on Satellite A55 laptop?

    - by Brian
    How can the CMOS be cleared on the Toshiba Satellite A55-S1065? I have this 7 year old laptop that has been crippled by a glitch in its BIOS: 'A "Password =" prompt may be displayed when the computer is turned on, even though no power-on password has been set. If this happens, there is no password that will satisfy the password request. The computer will be unusable until this problem is resolved. [..] The occurrence of this problem on any particular computer is unpredictable -- it may never happen, but it could happen any time that the computer is turned on. [..] Toshiba will cover the cost of this repair under warranty until Dec 31, 2010.' -Toshiba As they stated, this machine is "unusable." The escape key does not bypass the prompt (nor does any other key), thus no operating system can be booted and no firmware updates can be installed. After doing some research, I found solutions that have been suggested for various Toshiba Satellite models afflicted by this glitch: "Make arrangements with a Toshiba Authorized Service Provider to have this problem resolved." -Toshiba (same link). Even prior to the expiration of Toshiba's support ("repair under warranty until Dec 31, 2010"), there have been reports that this solution is prohibitively expensive, labor charges accruing even when the laptop is still under warranty, and other reports that are generally discouraging: "They were unable to fix it and the guy who worked on it said he couldn’t find the jumpers on the motherboard to clear the BIOS. I paid $39 for my troubles and still have the password problem." - Steve. Since the costs of the repairs can now exceed the value of the hardware, it would seem this is a DIY solution, or a non-solution (i.e. the hardware is trash). Build a Toshiba parallel loopback by stripping and soldering the wires on a DB25 plug to connect connect these pins: 1-5-10, 2-11, 3-17, 4-12, 6-16, 7-13, 8-14, 9-15, 18-25. -CGSecurity. According to a list of supported models on pwcrack, this will likely not work for my Satellite A55-1065 (as well as many other models of similar age). -pwcrack Disconnect the laptop battery for an extended period of time. Doesn't work, laptop sat in a closet for several years without the battery connected and I forgot about the whole thing for awhile. The poor thing. Clear CMOS by setting the proper jumper setting or by removing the CMOS (RTC) battery, or by short circuiting a (hidden?) jumper that looks like a pair of solder marks -various sources for various Satellite models: Satellite A105: "you will see C88 clearly labeled right next the jack that the wireless card plugs into. There are two little solder squares (approx 1/16") at this location" -kerneltrap Satellite 1800: "Underneath the RAM there is black sticker, peel off the black sticker and you will reveal two little solder marks which are actually 'jumpers'. Very carefully hold a flat-head screwdriver touching both points and power on the unit briefly, effectively 'shorting' this circuit." -shadowfax2020 Satellite L300: "Short the B500 solder pads on the system board." -Lester Escobar Satellite A215: "Short the B500 solder pads on the system board." -fixya Clearing the CMOS could resolve the issue, but I cannot locate a jumper or a battery on this board. Nothing that looks remotely like a battery can be removed (everything is soldered). I have looked closely at the area around the memory and do not see any obvious solder pads that could be a secret jumper. Here are pictures (click for full resolution) : Where is the jumper (or solder pads) to short circuit and wipe the CMOS on this board? Possibly related questions: Remove Toshiba laptop BIOS password? Password Problem Toshiba Satellite..

    Read the article

  • How do I reset my BIOS password on a Advent 4211 Netbook?

    - by SocialAddict
    The title says it all really but I was hoping for a software solution to remove the password or find out what it is or even change it. It's my laptop but I can't remember what I set the BIOS password too. I know on a PC to take out the battery and clear it with the jumpers but on a laptop I'm slightly scared of breaking something. Any help would be appreciated as I'm currently without a machine!

    Read the article

  • Looking for a USB Thumbdrive / Flash drive encryption solution (not TrueCrypt)

    - by Max888
    I am looking for a USB Thumbdrive / Flash drive encryption solution. I have searched the net but I have never come accross a solution which meets the following: Must handle at least 4GB volume If possible, fully portable (no install required required) Does not require admin rights in order to access/write encrypted files on the flash drive Does not corrupt data should the flash drive is removed from a USB port and the data is in a 'unencrypted' status Data is automatically encrypted if the flash drive is removed from a USB port and the data is in a 'unencrypted' status Portable apps must be able to run from the 'unencrypted' volume (in non-admin mode) PLEASE do not mention TrueCrypt as I am not considering (especially for wish list #3) Many thanks! Update 5th October 2009: Still unresolved.

    Read the article

  • How good is Word's password protection?

    - by Yuval
    Hi, I have a password protected MS-Word 2007 file that needs to stay private. How good is Word's protection? If it's not very good, can you suggest a better method for keeping the file protected? EDIT: my goal is to send the protected file to a recipient (who knows the password). I assume this recipient knows nothing about encryption/decryption, but if I absolutely have to, I'll encrypt the file and painstakingly teach the recipient how to decrypt it.

    Read the article

  • Windows 7 Dell laptop Forgotten password

    - by jtmk
    Hi, A friend has managed to set up their new Windows 7 Home Premium Dell Inspiron and forgot the password they have used. I have tried the following password reset software to no avail: UBCD OHPCrack Offline NT Password & Registry Editor *Trinity Kon Boot I have also tried to do a system restore but this asks for the password. The user does not have any data they need to save. Is there anyway I can get access to the restore partition using Linux to create a recovery disk or do I have to purchase a recovery disk from Dell? Any help is greatly appreciated.

    Read the article

  • Forgot Microsoft Virtual PC's password

    - by Kanini
    I have a Microsoft Virtual PC on which I run Windows 2003 Server. I am right now in the system, but have forgotten the password. So, while I can continue to work now, if I were to lock the computer or shut it down, I am locked out. Questions How can I ensure that the Virtual PC automatic lock does not happen? (Giving me time to try and remember the password or for future users, to look up this question!) How can I find out/reset my password?

    Read the article

  • Windows 7 locked out account

    - by Lukas
    I have a Win7 x64 computer. There was only one account (mine, created at installation, password protected, full administrative access with UAC enabled). To speed up the startup + login process I went to control userpasswords2 and unchecked that users need to enter password. By this operation my account has been changed to Guest type and an Administrator account has been created. This Administrator account has a small overlay icon with a downwards pointing arrow. My original password did not work; if I try leaving the password blank it says something like "Your account has been disabled. Contact your administrator." Contacting myself surprisingly did not help. As my account (which I am still able to access) is Guest, I have no rights to do anything. Is there a way to get my access back without reinstalling?

    Read the article

  • How do I decrypt a password-protected PDF on OSX?

    - by Brant Bobby
    I have a PDF that requires a password to view. I know what the password is. I frequently open this PDF to print it, and find entering the password each time incredibly annoying. How can I remove the password from the PDF? Since I need to print it, simply taking a screenshot isn't a good solution. I tried printing the file to a PDF, but Preview disables the "Save as PDF..." option in the print dialog.

    Read the article

  • Any command line tool checking windows domain password?

    - by Chen Jun
    Does Windows provide a command line utility that lets me check a domain user's password? It is sufficient that the utility returns success(0) if I provide a matching domain user name and password. Alternatively, is there a simple VB/JS script that can do this? I'm the Intranet admin of my company and have the default password set for corporate staff, so I'd like to quickly scan which users have not changed their default password. Better yet, are there any books or websites which cover such topics so that I can get more information?

    Read the article

  • Password Manager that can sync a Blackberry and Mac OS X.

    - by pdhoven
    I use a Blackberry Bold and a Macbook Pro. I am looking for a solution to have a synchronized password manager between the two devices. All the commercial ones I have discovered won't work between a Blackberry and a Mac. The almost solution was KeePass. I like the application on the Blackberry but I could not get the sync working reliably to the Mac. As well, I had to run the PC application by using Mono on the Mac and it was pretty slow. I am happy to pay for a good solution.

    Read the article

  • How to get rid of superuser`s password?

    - by eleonora
    My father put a new superuser password on my laptop, and now i cant access my computer without him putting the password in. I am really helpless. How can i get rid of his superuser control? Can i delete or change the superuser thing? Please help!!!!

    Read the article

  • [java] Keystore change passwords

    - by user313724
    Hi, I currently have a keystore, with a particular password that only I should know. I now need to give access to that keystore to someone else, so I would like to either: 1) Change the password, so I can share it with others and let them sign 2) Create a different password and allow them to sign with it. Is this possible? and - if yes - how?

    Read the article

  • Does Hotmail really offer two-factor authentication? [closed]

    - by Brian Koser
    I've read multiple news articles that claim Hotmail offers two-factor authentication. One of the articles describes Hotmail's system, saying ...whenever you go to Hotmail...you can choose to get a single-use code–a string of numbers that will be sent via text message to your phone–to use instead of your password. Is this an accurate description of Hotmail's system? If so, does Hotmail really offer two-factor authentication? If you can use either your password or a single-use code, it seems to me that it does not. Is this system really more secure than just having a password? Doesn't this just make an additional "key" available to a hacker? (I must be wrong here, I know the folks at Microsoft are much smarter than I am).

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >