Search Results

Search found 12796 results on 512 pages for 'password hash'.

Page 414/512 | < Previous Page | 410 411 412 413 414 415 416 417 418 419 420 421  | Next Page >

• Rainbow Tables: How to improve upon them??

  - by CVS-2600Hertz-wordpress-com

  I recently obtained the l0pht-CD for windows and tried it out on my PC and It WORKS!! http://2600hertz.wordpress.com/2009/12/22/100-windows-xp-vista-7-password-recovery/ I have also read http://kestas.kuliukas.com/RainbowTables/ I'm designing a "Login-Simulator" that stores pwd-s in a similar manner. The current implementation will be vulnerable to the above attack. Plz could anyone illustrate (in as simple terms as possible), how to strengthen the rainbow tables against such an attack. MY GOAL : Build "Login-Simulator" to be as secure as possible. (Read Hacking Competition ;-) ) Thank You.

  Read the article

• Why is it a bad idea to use ClientLogin for web apps in the Google API?

  - by Onema

  I just picked up the Google API today to allow some users of our site to upload videos to our own organization YouTube account. I Don't want our users to know our user name and password, but rather give them the option if they want to upload videos to youtube or not. If they choose to do it, they check on a check box and hit the submit button. I keep seeing over, and over in the Developers guide that ClientLogin, which to me looks like the best option to implement what I want to do, is not a good idea for user authentication in web applicaitons. The "AuthSub for web applications" doesn't seem to be the best mechanism for what I want to implement! Any ideas on what to do? Thank you

  Read the article

• The remote server returned an error: (407) Proxy Authentication Required

  - by chris

  I'm getting this error when I call a web service: "The remote server returned an error: (407) Proxy Authentication Required". I get the general idea and I can get the code to work by adding myProxy.Credentials= NetworkCredential("user", "password", "domain"); or by using DefaultCredentials in code. My problem is that the call to the web service works in production without this. It seems like there is a non code solution involving Machine.config, but what is it? At the moment I can't get to the production boxes machine.config file to see what that looks like. I tried updating my machine.config as follows, but I still get the 407 error.

  Read the article

• Rails form helpers: how to add an element to a collection?

  - by Laran Evans

  I have a keychain object. keychain has_many credentials. I'm trying to write the view code to add a new credential to a keychain. This is the code I have: <% form_for(@keychain) do |f| % <tr <td<%= f.select "credentials[]", current_account.services.collect{ |s| [s.friendly_name, s.id] } %</td <td<%= f.text_field 'credentials', :username %</td <td<%= f.password_field 'credentials', :password %</td </tr <% end % But it fails with this message: NoMethodError in Keychains#new Showing app/views/keychains/_keychain_form.html.erb where line #32 raised: undefined method `credentials[]' for # What am I doing wrong?

  Read the article

• php fail to open a sqlserver 2000 database

  - by Mike108

  I can use the sql server management studio to open a sqlserver 2000 database, but I can not open the same database in a php page using the same user and password. what is the problem? if(!$dbSource->open("192.168.4.241:1433","sa","sa","NorthWind")) { echo "Fail to open the sql server 2000 database"; } ----------------------- function open($db_server, $db_user, $db_password, $db_name) { $this->conn = mssql_connect($db_server, $db_user, $db_password); if(!$this->conn) { return false; } @mssql_select_db($db_name, $this->conn); return true; }

  Read the article

• Impersonating a user in wrong domain doesn't throw exception

  - by Rita

  I've used the common impersonation code and it worked just fine, until I inserted random 'dggdgsdg' in domain - and it worked nonetheless... if (LogonUser(Username, Domain, Password, Logon32LogonInteractive, Logon32ProviderDefault, ref existingTokenHandle) && DuplicateToken(existingTokenHandle, (int)SecurityImpersonationLevel.SecurityDelegation, ref duplicateTokenHandle)) { Identity = new WindowsIdentity(duplicateTokenHandle); ImpersonationContext = Identity.Impersonate(); } else { throw new Win32Exception(Marshal.GetLastWin32Error()); } I used some TestUser on my domain, and it worked. I then switched domain, to random nonsense 'werwerhrg', and it impersonated the TestUser on my domain! Why? I would expect an exception to be thrown, why on earth is it working?

  Read the article

• Zend Framework - Not Connecting to IMAP mail server - instead dumps empty php file

  - by Ali

  Hi guys I'm trying to connect to an imap mail server using zend frameworks Zend_Mail_Storage_Imap function. Its working with some accounts but with most accounts it just dies out. I'm connecting using: $mail = new Zend_Mail_Storage_Imap(array('host' =>$current_dept->incoming_server, 'ssl' =>$current_dept->ssl, 'port'=>$current_dept->incoming_port, 'folder'=>$mbox_name, 'user' =>$current_dept->email, 'password' =>$current_dept->email_psd)); WIth some email accounts teh code doesn't go past this statement - and instead I'm prompted to 'download' the php file being run. Whats happening here - the mail server details are correct.

  Read the article

• Streaming video using realnetwork helix

  - by aspdotnetjunkie

  Hi all and thanks in advance. I'm new to streaming media. I've just signed up for streaming services from gate.com for my website. They provided me with the following info. It says it's provided by realnetwork Helix This is all they gave me, with no instructions of how to do it. UN:media.mydomain.com Password:xxxxxx Hostname: rtsp://media.mydomain.com:554/media.mydomain.com/FileName.rm Questions: How do I upload videos to my new account? Can I play them using flash player? Thank you,

  Read the article

• Security question

  - by Syom

  in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is. but now hacker can enter to cms/admin.php, so my security now is awful. i know, that i can use $_SESSION variable. index.php - i can give some value to $_SESSION['success']: $_SESSION['success'] = TRUE, and in admin.php just verify it admin.php if($_SESSION['success'] == TRUE) { my script here... } else header("Location: index.php"); but i want to rich this effect without SESSION. could you give me an idea, how can i do it? thanks

  Read the article

• How can I know if a file has been changed in .NET C#?

  - by Anthony D

  I have an application that requires a secure way to store its configuration. There are users that can change the configuration. I need some sort of signature scheme where I can verify that the config file has not changed with out a valid user. I had thought about using RSA, where the private key is encrypted with the users password, and the public key is used to sign the config. However there is nothing to prevent someone from changing the user file and adding their own public key, thus circumventing my security. Any ideas?

  Read the article

• PLEASE HELP JAVA/SQL question

  - by fred-ghosn

  Hello everyone, well I'm new here and I really need some help.. I want to create a table and this table's name will be inserted from a textfield. However when I run the query it's giving me an error, any help on this one? Ill paste the code here: public boolean CreateTable() { TableNumber=jTextField4.getText(); try { String password = null; String s = "CREATE TABLE '"+TableNumber+'" (Item char(50),Price char(50))"; ConnectionForOrders(); stmt = conn.createStatement(); stmt.executeUpdate(s); boolean f=false; ConnectionForOrdersclose();

  Read the article

• Is it immoral to put a captcha on a login form?

  - by azkotoki

  In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks. The immediate reaction of other coworkers was a request to remove it, saying that it was inapropiate for that purpose, and that it was quite exotic to see a captcha in that place. I've seen captcha images on signup, contact, password recovery forms, etc. So I personally don't see inapropiate to put a captcha also on a place like that. Well, it obviously burns down usability a little bit, but it's a matter of time and getting used to it. With the lack of a captcha test, one would have to put some sort of blacklist / account locking mechanism, which also has some drawbacks. Is it a good choice for you? Am I getting somewhat captcha-aholic and need some sort of group therapy? Thanks in advance.

  Read the article

• Java String to SHA1

  - by AeroDroid

  I'm trying to make a simple String to SHA1 converter in Java and this is what I've got... public static String toSHA1(byte[] convertme) { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA-1"); } catch(NoSuchAlgorithmException e) { e.printStackTrace(); } return new String(md.digest(convertme)); } When I pass it toSHA1("password".getBytes()), I get "[?a?????%l?3~??." I know it's probably a simple encoding fix like UTF-8, but could someone tell me what I should do to get what I want which is "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"? Or am I doing this completely wrong? Thanks a lot!

  Read the article

• Capturing HTML input values using a BHO

  - by Meric

  Hi all, i am a complete nobbie to BHO and C++. This is what i want to achieve. Using various code samples, i have been successful in installing a BHO in my Internet Explorer. I am currently making use of the Invoke method to search for DISPID_HTMLDOCUMENTEVENTS2_ONCLICK and have been successful in capturing the event. How can i access a HTML input on the page is filled up with values? (eg. i navigate to www.gmail.com, key in some values into the username and password, and my BHO is activated upon the onclick event?) Code examples or link to documentation would be fantastic help regards Meric

  Read the article

• How to call a jquery function from an action method in controller?

  - by Hasan Fahim

  I have a requirement to open a popup from an action method in controller. The action method is basically registering a user. [HttpPost] public ActionResult Register(RegisterModel model) { if (ModelState.IsValid) { MembershipCreateStatus createStatus; Membership.CreateUser(model.UserName, model.Password, model.Email, null, null, true, null, out createStatus); if (createStatus == MembershipCreateStatus.Success) { FormsAuthentication.SetAuthCookie(model.UserName, false /* createPersistentCookie */); //------------------------------------------ //I need to call a jquery function from here //------------------------------------------ return RedirectToAction("Index", "Home"); } else { ModelState.AddModelError("", ErrorCodeToString(createStatus)); } } return View(model); } The jquery function, present in the view, would just make a hidden DIV, visible, and set the opacity, etc, to represent a popup. I need to call such a jquery function from the controller's action method shown above.

  Read the article

• Are SqlCipher open cursors a security concern?

  - by user1178479

  I'm using SqlCipher with content providers. Right now, when I want to lock the app I just clear out the cached password. However, the app can continue to work with any open cursors. This means that re-opening the app grants access to the sensitive data. I fix this issue on the surface by redirecting to a login screen if the app doesn't have passwords. However, I'm concerned if there are any security issues with these open cursors or if I should just continue to block UI access and not worry? SqlCipher's docs say that it reads/writes encrypted pages on the fly, as opposed to decrypting the entire DB, this makes me think that open cursors are still secure. The main concern here is that someone loses their phone and then a knowledgeable individual can use these open cursors to extract sensitive data.

  Read the article

• Git Clone from SSH Repository

  - by Mike Silvis

  I used to be able to clone from my personal git repository but now i seem to be running into an error. user:dev.site.com mikesilvis$ git clone { my ssh directory } server@ipaddress's password: remote: Counting objects: 3622, done. remote: Compressing objects: 100% (2718/2718), done. error: git upload-pack: git-pack-objects died with error. fatal: git upload-pack: aborting due to possible repository corruption on the remote side. remote: aborting due to possible repository corruption on the remote side. fatal: early EOF fatal: index-pack failed It seems to be working however while I push files to the repository.

  Read the article

• Unrecognized authentication type when doing an Auth to Exchange from Rails

  - by blakeage

  I'm getting this error when trying to authenticate with Exchange Server from Ruby on Rails: 504 5.7.4 Unrecognized authentication type config.action_mailer.raise_delivery_errors = true config.action_mailer.perform_deliveries = true config.action_mailer.delivery_method = :smtp config.action_mailer.smtp_settings = { :address => "x.x.x.x", :port => 25, :user_name => "xxdomain\xxuser", :password => "xxxxxx", :authentication => :login, :enable_starttls_auto => true } I've tried all sorts of combinations of configuration settings, including changing the settings to use "plain" authentication, adding the domain, setting enable_starttls_auto to true, false, and removing it entirely, removing the port. Nothing has worked. Any ideas?

  Read the article

• .NET connecting to oracle problems with the connectionstring

  - by Oxymoron

  At the moment I'm trying to make a connection to a local server. Connecting via, say, TOAD works fine. When I try to connect using .NET I get ora-12154. Which puzzles me, since I'm using the connectionstring from my TNSNAMES.ora file: XE = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = myPC)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = XE) ) ) As follows: private string connectionString = "Data Source=(DESCRIPTION =" +" (ADDRESS_LIST=(ADDRESS = (PROTOCOL = TCP)(HOST = myPC)(PORT = 1521)))" +" (CONNECT_DATA = (SERVER = DEDICATED)(SERVICE_NAME = XE));" +"User Id=sys;Password=zsxyzabc;"; Any ideas?

  Read the article

• Subversion post-commit hook

  - by GeoSQL

  I am trying to get SVN to copy files to my htdocs folder on commit. Here is what I have so far in my post-commit.bat: "C:\subversion\bin\svn.exe" update "C:\apache\apache2.2\htdocs" When I look at the log files created by the hook I get the following line: Skipped 'C:\Apache\Apache2.2\htdocs' Does anyone know why this is happening? No matter what directory I choose as a destination, I get the same error. I am running SVN 1.6.4, Tortoise 1.6.8, Apache 2.2, WinXP SP3 I am not using username and password because there is no security set up on the SVN repository. It's just me developing. Thanks

  Read the article

• Can phper give me some code snippet to consume the .net wcf service

  - by Vincent

  Hi, I can successfully make a call to wcf from php without WCF message security enabled. I search the whole forum and cannot find any clue. I'd like to know how can I pass the credential ? My WCF service use the basichttpbinding on SSL with Message security enabled. Here is my code snippet to call my wcf from .NET ServiceReference1.TestClient sc = new TestClient(); sc.ClientCredentials.UserName.UserName = "[email protected]"; sc.ClientCredentials.UserName.Password = "ABC123"; Console.WriteLine(sc.GetProfiledSchemas(412));

  Read the article

• Blackberry 507 Erorr

  - by Haoest

  I didn't think it would be so catastrophic when I typed JavaLoader -usb wipe -a into the command line with my blackberry 8800 test device. It reboots with a 507 error that I can't get rid of. I have Blackberry Desktop Manager 4.6, which is normally what I use to upload my test apps, but this time I go to Application Loader, hitting start gives me that dialog box that shows me the list of 1 USB connection "PIN: xxx" with a password field (which I have no idea of,) then it says "connecting to boot ROM" then stops at the message: A connection to the device can not be established... Now is there a hard physical way of resetting my blackberry 8800, please?

  Read the article

• Redirect into two different page after login.jsp according user category

  - by Ryon

  I have created a login.jsp with some login username and password. Users are categorized into A and B. Then I have to redirect each user according to the user category. I also need to retrieve the username in the next page. My form in login.jsp page is something like this: <form method="POST" action='<%= response.encodeURL("j_security_check") %>' Do I have to use javax.servlet.Filter? what should be added in web.xml? Anyone had an idea how to do it?

  Read the article

• User controls in masterpage and anonymous user

  - by Senad Uka

  I am developing a master page which includes the user control that generates a menu from the list with a specific logic. Before including the control into master page I successfully configured anonymous access to the site. After including the control and deploying - site prompts for user name and password. I allowed the anonymous access to the list. Oh yes ... It worked on SHarepoint 2010 beta, but the problem happens when deploying to the Sharepoint 2010 final release. Additional data: I am using Sharepoint Server 2010 with Standard features, standalone instalation on Windows Server 2008 R2 for deployment, and Visual Studio 2010 Ultimate for development of masterpage and user control.

  Read the article

• Understanding CGI and SQL security from the ground up

  - by Steve

  This question is for learning purposes. Suppose I am writing a simple SQL admin console using CGI and Python. At http://something.com/admin, this admin console should allow me to modify a SQL database (i.e., create and modify tables, and create and modify records) using an ordinary form. In the least secure case, anybody can access http://something.com/admin and modify the database. You can password protect http://something.com/admin. But once you start using the admin console, information is still transmitted in plain text. So then you use HTTPS to secure the transmitted data. Questions: To describe to a learner, how would you incrementally add security to the least secure environment in order to make it most secure? How would you modify/augment my three (possibly erroneous) steps above? What basic tools in Python make your steps possible? Optional: Now that I understand the process, how do sophisticated libraries and frameworks inherently achieve this level of security?

  Read the article

< Previous Page | 410 411 412 413 414 415 416 417 418 419 420 421  | Next Page >