Hey, Just wondering if there are more password policies beyond the generic ones such as "minimum password age", "password must meet complexity requirements", etc. I would like to create stronger password policies for the administrators. Is there a way to add more complexity to the password requirements? Another thing, is there a way to...
I'm building a page with a custom template. The thing is, I need this page to be password protected, or at least accessible to logged in users, but even if I set it as such (Private/Password protected) in the New Pages section in WordPress Administration, it won't display the menu entry nor the content (if Private) or it would show the ...
I am trying to store a username and password to hash against for future offline logging in. What is the best way to do this in objective c? I will need the password to be stored securely. ...
Initially I had the issue reported in this question. Now, what I noticed is that there are some browsers that accept the password, and there are some which don't. Difference? For some reason the cookie is generated when I log in into the Administration module, but it isn't when I write down the password to access the page, forcing it to...
I'm working on a system that interacts with many external system API:s. Most of them require authentication of some sort. For the sake of usability there is an "application wide reachable" AppConfig that stores configuration info, as well as credentials for the external systems. My question is if it is a bad idea to store usernames and ...
Hi, I've created an ODBC connection to an Excel 2007 Workbook using ACEODBC.dll, which is supposed to work for both .xls and .xlsx files. However when I try to open a connection using JDBC I get a SQLException: [Microsoft][ODBC Excel Driver] External table is not in the expected format. The Workbook is also password protected and encryp...
Greetings! I'm needing to deploy a compact database with an application I am working on. The database acts as a cache for data the app has already seen, and that data will never change, so the cached values will never become outdated. I've chosen SQLite, and I'm writing in C#. I'd like to protect the database files so they cannot be ea...
Hi. I'm using Flash CS4 and AS 3.0 I'm trying to add a login for running my flash movie. When the user clicks the login button, the text of the password field is authenticated, which allows gotoAndPlay(2) . But the problem is both in my .swf and my projector .exe i can easily jump the login frame by pressing Ctrl+Enter . ...
So Im working on a site(gaming community) that im aiming to release to the public soon. Currently Im working on the password part. I have only used md5 until now. I have read about password safety and heard that salting is currently the way to go. How does this sound to you? Every user has its own unique 12 length salt of random charac...
Hello, I have a CakePHP Application which I want to protect with a password. The tricky thing is, that all files/locations should be only accessible with a password EXCEPT one specific Address (a function withing a CakePHP-controller) The Address is like that: http://example.com/MyApp/MyController/MyFunction?MyParam=MyValue All...
Hey! I am very new at javascripting and I would like to know if there is any way of authenticating a homepage using javascript? I do know a couple of ways but they are extremly easy to "hack" because the username and passwords are stored in the script itself - as arrays. Do you guys know any good ways of authenticating just a single su...
I started reading Google Chrome's documentation, and liked it's approach of using HTML and Javascript to create extensions. Reading this tutorial about Local Storage made me think about a lot of different uses. I want to develop an extension to help me with corporate systems. It's very specific, and it's only going to be used inside a c...
I would like to create a site-wide hash to be used as salt in creating password retrieval tokens. I have been bouncing around stackoverflow trying to get a sense of the best way to do this. Here's the reset process: When a user requests a password reset email the code generates a retrieval token: $token = hash_hmac('sha256', $reset_h...
Anyone have any ideas on how to do this? I've found one plugin, but it doesn't do the job. I'm basically using Wordpress as a CMS, and I just want to make one "page" both private and password protected, i.e. you need a password to view the page and it doesn't show up in the menu. ...
I had an idea about hashed passwords and salt values. Since I'm rather new to hashing and encryption, I thought I'd post this to you. Would it be more secure to generate a unique salt for each user account, then store the salt and hashed values in the database? Or, keep a single salt value securely stored and re-use that each time I h...
I'm working on a version of Password Safe for android. Password Safe uses a passphrase to encrypt your passwords, but typing out long passphrases on a smartphone can be tedious, especially if they're masked. I'd like to investigate using alternatives to a passphrase, such as arrays of simple images. Are there any good examples of su...
Once I've generated a salt and hashed the password (using bcrypt, etc) would it be best to store the results as a string or as a byte array in the database? Are there any benefits either way? Or is it a more subjective decision? ...
Is it possible to password protect a page without db access? I may have only few pages. But I should be able to change password and also save sessions etc. And I want a secure way as it's for production site! How is it to store in a config.php after md5: <?php username="admin"; password="1a1dc91c907325c69271ddf0c944bc72"; ?> If ...
Hello everyone, I have a password-protected directory on a running server. I would like to download some file(s) from this directory (using a URL) to the Documents directory of my iPad application. How do I send the password of the directory I am trying to access? ...
I have a site and for a user to reset this account a confirmation code is email to them, however, after talking it over, it seems this could be a huge security hole. I'd like to make a small app that I can use and show my boss how unsafe the site is. Basically, the code's length is 12 characters with the last 4 being fixed and it only u...