password-protection

Post Username & Password To Protected Folder/Site

I'm trying to post a username & password from an HTML form to a protected folder on a website? Is this possible? I thought I just pass in a syntax in the URL like the below but not having any success http://username%[email protected] I'm still getting the alert pop up asking for the username and password? I need to b...

How to use doctest on a Client script ?

I am playing with Google Calendar API, creating some useful function. I another hand, I want to do it right puting some useful doctest and starting agile development. How to write doctest since the result of each function is not really predictible (Depending of what is new on the server) : >>> calendar = GoogleCalendar(user='blabla',...

Howto save a password in the registry

I have a desktop application with a remote interface. The access to the remote interface is secured by a username and password. What would be the best way to save these password securely, preferably in the registry? ...

Does anyone know what the code looks like for a VBA OLE Attack (to discover VBA level passwords in Office documents)

This is not a hacking question (as such) I am writing an in house tool for our Service Management Team to reset/remove lost passwords from Office Documents. I have the PassWare Program that does this already but want to incorporate the function into a VBA script. ...

Secure(r) storage of MySQL login information?

First off, I realize that there is no such thing as a perfectly secure solution (and even if there were, its usability would be crap). That said, how do you protect your MySQL database from being compromised by someone downloading your code and picking through it? Based on my experience with PHP, it seems obligatory to store it within ...

Encrypting zip files with a password based on Zip 2.0 encryption

Hi, I am trying to zip and encrypt files in Java (1.6) with a password based on the earlier Zip 2.0 encryption. I have used AES 256 bit encrytpion to encrypt zip files with password and have successfully been able to do so. Though AES is a stronger and a more secure encryption standard, i need to find a standard that is more widely s...

password protected in ASP.net?

I have this code (ASP.net VB.net): Dim xx As Net.Mail.SmtpClient xx.Credentials = New Net.NetworkCredential("username","password") I'm not very sure but would the password stored there be ridiculously easy for a hacker to get? If it was a standard windows form app, something like net reflector get the password with the click of a but...

How should I securely store passwords and use http auth in a chrome extension

I'm making a chrome extension that requires fetching an xml file from a secure server. I'm currently using XMLHttpRequest() to make a call to the server https://username:[email protected] which returns an xml object that I can parse and display. I want this extension to be available for more than just my hobby use, so it needs an...

saving passwords inside your application code

Hello all, I have a doubt concerning how to store a password for usage in my application. I need to encrypt/decrypt data on the fly, so the password will need to be somewhere. Options would be to have it hard-coded in my app or load it from a file. I want to encrypt a license file for an application and one of the security steps invol...

How to send password securely via HTTP using Javascript in absence of HTTPS?

The very basic issue all developers face: Whenever user submits the form, the password is sent via network and it must be protected. The site I develop for doesn't have HTTPS. Neither does the owner want to buy a SSL certificate, nor is he interested in a self-signed one. So I want to protect the password sent via HTTP using Javascript w...

password protection of pdf files

we have a requirement to protect pdf files using a password, are there any java based open source tools which will help us in this regard? ...

automatic password protected emailed reports

Hi All, My Client has requested that i email him reports daily and that they are password protected. Before I write a service to do this, I was wondering if there is not a better alternative. The data is stored in an SQL 2005 database with DB mail setup and running. We are also using reporting services. The option he has given me ar...

How do the password revealers work?

I've seen some password revealing software. Most of them has a shooting pointer like pointer and you can just point the password text box and the software is revealing the password. But still the protected software and the revealer software are not interconnected. They are separate processes running on the same host. My queries are, ...

Pen testing your MVC application

Here are some the commonly known practices for securing an MVC application: Encode your output Parameterize your SQL Test your search backwards and forward 1 way hash passwords Lock out accounts or limit login attempts Use code based impersonation when accessing the file system Access SQL with a locked down username Use Honey-pots or c...

Lighttpd: How to password-protect URLs matching regex

Hi, Is there a convenient way to password-protect URLs which match a certain pattern in Lighttpd? I thought about matching regex, but any other creative solution will be nice. NOTE : I'm not looking for a way to password-protect a directory, beacuse the URLs I want to protect aren't confined to a certain directory structure. Adam ...

Help with salt and passwords

I want to implement a salt into my login system but am a bit confused on how this is supposed to work. I can't understand the logic behind it. I understand md5 is a one-way algorithm and all of the functions that I have come across seem to hash everything together. If this is the case, how does one get the password back out for compariso...

How to create a excel file with open protected password in java?

Hi, I need to create a excel file with password protection on opening the xls. Need a solution with open source java library. Could not find any proper solution. Its urgent,Pls help... Thanks, Prasanna ...

how to protect plain text password in my script? (ruby)

in my ruby script I need to pass user name and password as a plain text in a form in order to log in. Both user name and password are currently stored in my script. I have no control over the server I log in from the script. The script is localy working fine and in the future I want to move to onto my webhosting provider and run it ...

What is the correct datatype for storing hashed passwords in mysql?

Hello, I am writing an application in ColdFusion where storing passwords is necessary. I plan to hash the passwords on the server (using the SHA512 Hash function in ColdFusion) before inserting them into a password column in my database. I would like to know what datatype to use for the password column. Many thanks! ...

PHP: Allowing Public and private access to files?

I am building a site that is permissions based. The user can add or remove read permissions to the public for pages as well as files. What is the best way to serve files that are protected, using php? I have seen things like www.mysite.com/download?file=filename.jpg or something like that, but I prefer clean paths. Also, if my files ...