Search Results

Search found 21719 results on 869 pages for 'password security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 168/869 | < Previous Page | 164 165 166 167 168 169 170 171 172 173 174 175  | Next Page >

  • Is the Keychain suitable for storing general data, such as strings?

    - by cannyboy
    The Keychain seems to be used a lot for usernames and passwords, but is it a good idea to use it for other sensitive stuff (bank details, ID numbers etc), but with no password? What kind of encryption does the keychain use? The scenario I'm concerned about is a thief acquiring an iPhone (which is screen-locked) and being able to access the file system to get this info. Also, would using the Keychain involve export restrictions due to the use of encryption?

    Read the article

  • Can resources be extracted from a compiled iPhone app? If yes, how can they be secured?

    - by Charles S.
    Can resources be extracted from a compiled iPhone app that is released to the iTunes store? I'm particularly interested in the security of XML files... if I have copyrighted data in an XML document in my resource directory, how likely is it for someone to extract that information and paste it around the internet? If it's as easy as using a resource editor, how can that data be secured?

    Read the article

  • Restart Server from ASP.NET application when AppPool is ran under LocalSystem or LocalService account

    - by kape123
    Is it possible to restart server from ASP.NET application that is hosted by LocalSystem or LocalService account. This is working when I create custom administrative account and put AppPool to run under that account: Process.Start("shutdown", "/r /d 4:1 /t 10"); However, I don't want to have custom accounts (because of password expiry and need to update all AppPools when User passwords are changed). So, is this possible?

    Read the article

  • Authentication and authorization for RESTfull API (java jersery)

    - by abovesun
    Hi, implementing service something similar with tinyurl or bit.ly, I'm would like to expose service as API, I'm using java and jersey as RESTfull service implementation. I'm looking for simplest way for authentification of users who use API, OAuth is first thing coming in mind, but the problem is I don't need this 3 iteration calls with request token query, than access token query with callback url passing. I just need to give user ability to invoke api with no additional security calls to my server.

    Read the article

  • Best way for user authentication on JavaEE 6 using JSF 2.0?

    - by ngeek
    I'm wondering what the current state of art recommendation is regarding user authentication for a web application making use of JSF 2.0 (and if any components do exist) and JEE6 core mechanisms (login/check permissions/logouts) with user information hold in a JPA entity. The Sun tutorial is a bit sparse on this (only handles servlets). This is without making use of a whole other framework, like Spring-Security (acegi), or Seam, but trying to stick hopefully with the new Java EE 6 platform (web profile) if possible. Thanks, Niko

    Read the article

  • Whats a valid strategy for a secure image upload from a flash client?

    - by WillyCornbread
    Hi all - I'm creating a flash application that will post images to a url for saving to disk/display later. I was wondering what are some suggested strategies for making this secure enough so that the upload is verified as coming from the application and not just some random form post. Is it reliable enough to check referring location realizing that I don't need bulletproof security, or perhaps setting authentication headers is a better strategy even though it seems unreliable from what I have read. Thanks for any advice - b

    Read the article

  • PHPSecurityScanner & SpikePHPSecAudit - How do I?

    - by 01010011
    Hi, How do I run PHP Security Scanner and SpikePHPSecAudit? I've already extracted them at the root of my website and thought it could be run like phpSecInfo where you just navigate to www.mySite.com/phpsecinfo/index.php Any assistance will be appreciated. ps I am using Windows XP and XAMPP

    Read the article

  • CSRF protection and cross site form access

    - by fl00r
    Hi. I aw working on cross site authentication (some domains have got common authentication). So I want to send authentication data (login, password) to main domain from others. How should I use protect_from_forgery and how can I check if data received from valid domain? What I am thinking now is to turn off protect_from_forgery for session controller and check domain name of received data. But maybe I can configure CSRF protection for not only one domain?

    Read the article

  • How to change granted role temporarily to achieve "view the site as" someone else

    - by Roy Chan
    Hi Gurus, We are using 2.x spring security right now. I am asked to build an admin tool so that the ROLE_ADMIN can change to any user in the site and view the site as that person (each person on the site may see different stuff depending on the role which is dynamically granted base on the database) and of course the admin should be able to switch back to admin without logging in. Is there a build in function, if not how should I do this? Thanks in advance!

    Read the article

  • CSRF protecting and cross site form access

    - by fl00r
    Hi. I aw working on cross site authentication (some domains have got common authentication). So I want to send authentication data (login, password) to main domain from others. How should I use protect_from_forgery and how can I check if data received from valid domain? What I am thinking now is to turn off protect_from_forgery for session controller and check domain name of received data. But maybe I can configure CSRF protection for not only one domain?

    Read the article

  • Is there a .NET equivalent of WebGoat

    - by PJB
    Looking at this question the OWASP WebGoat project looks like a great way to learn about web security. Although the principles will equally to .NET applications I would prefer to use .NET based application. Does anybody know of a suitable .NET alternative?

    Read the article

  • Use Apache authentication in Django without popup

    - by chernevik
    I am using Apache to authenticate users for Django, but I would like to do so without the popup form that Apache uses in its basic configuration. How do I embed the login form within a page while still using Apache for authentication? That is, I'd like a page that says "Please login" and provides a form asking for username and password, and passes this information on to Apache for authentication. (I'd do this over an SSL connection, of course.)

    Read the article

  • How to restrict code from developers

    - by Kelvin
    My company is planning in hiring outsourcers to work for us, but concerned to give whole existing code to outside world. What is the proper way to deal with security of sharing code in such cases? Is it possible to restrict part of code for developers? So each of them could work on their project without having access to whole repository. P.S. The code we have is very integrated, and its hard to extract "one module", each module can use files from different locations. Thanks in advance

    Read the article

  • Hashes or tokens for "remember me" cookies?

    - by Emanuil Rusev
    When it comes to remember me cookies, there are 2 distinct approaches: Hashes The remember me cookie stores a string that can identify the user (i.e. user ID) and a string that can prove that the identified user is the one it pretends to be - usually a hash based on the user password. Tokens The remember me cookie stores a random (meaningless), yet unique string that corresponds with with a record in a tokens table, that stores a user ID. Which approach is more secure and what are its disadvantages?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 164 165 166 167 168 169 170 171 172 173 174 175  | Next Page >