passwords

Encrypt/Decrypt password usage in a custom MembershipProvider?

Hi folks! I implemented a custom membership provider. I've also implemented my custom AES Encryption/Decryption overriding the abstract EncryptPassword/DecryptPassword of the MembershipProvider. However, when I trigger ValidateUser, the password is not automatically converted. Am I missing something? Is it supposed to be called automa...

preg_replace Filter for Passwords

With PHP, I'd like to use a preg_replace() filter for passwords such that the only characters available for passwords are US ASCII typable, minus control codes and NULL. What's the RegEx to achieve that which I can plug in to preg_replace()? EDIT: I've been advised to edit this question since I "get it" now and won't be doing this terr...

PostgreSQL: Why can I connect to a user with a set password without having to give the password?

After creating a new user john with: CREATE USER john PASSWORD 'test'; CREATE DATABASE johndb OWNER john; I can connect to the PostgreSQL server with: psql -U john johndb The problem is that psql never asks me for the password. I really need to know what's wrong, because of obvious reasons. ...

What are the details behind the way Wordpress stores user authentication data?

First off, let me define the end goal: I'd like Wordpress (version 2.8) to manage the authentication data/credentials and access control for a web site. Wordpress will be used for most of the site, but some pages will be built outside of the Wordpress environment. These pages should be able to use the user authentication data stored ...

So my Excel-VBA project password can easily be cracked... What are other options?

Now that I know that there is an easy workaround to the standard way of locking and password-protecting VBA code, I'd like to move on to more effective ways of protecting code. I am to deliver an Excel-based tool to a client, but would like something more than simple annoyance-type protection that will only deter the very laziest of hack...

VBScript FTP Login with Username and Password

I am trying to update a VBScript (very little experience with this, I do a lot of VB.NET), that reads an FTP directory and moves certain files to a new local directory on a daily basis. I have old code that works on an FTP site that uses anonymous logins, but I now need it to access an FTP site that requires username and password. Here...

MembershipProvider and PasswordRecovery control

Hi, I need help using the PasswordRecovery control in .NET 2.0. My situation is the application has changed from storing the passwordformat in Hashed to Clear. The problem is the newly created users have a clear password stored and there are still users with hashed passwords. When I use the passwordRecovery control as below for users w...

Do web apps encrypt passwords during login when integrated security is enabled within IIS?

I have always enabled integrated security on my web apps inside IIS with the assumption that the passwords that are requested on the client end will always be transmitted securely (encrypted) to my authentication server (AD/LSA). Am I correct on my assumption? The reason I have always assumed this is 'coz I always think of them as being ...

How secure is your password in LDAP?

Is your password more secure in any way if it is stored on LDAP rather than a database or an encrypted file? ...

Best way to encrypt a file, and keep it handy

Hi, I am using dozens of different web services, and I keep a password file in a remote Linux machine. The file contains my usernames, passwords and answers for security question. This server happens to be offline too often, and I'm looking for a way to keep the password file on my own computer, or on a service like DropBox. Obviously, ...

Is it possible to hash a password and authenticate a user client-side?

I often make small websites and use the built in ASP.NET membership functionality in a SQL Server database, using the default "hashing" password storage method. I'm wondering if there's a way to authenticate a user by hashing his password on the client and not sending it in clear text over the wire without using SSL. I realize that thi...

Is there a secure way to connect to an IMAP server on behalf of a user?

I'm working on a web application which involves connecting to Gmail on behalf of a user to check for new messages. Is there a way to securely store the user's credentials so that they can still be recovered for the login, or is there some way to obtain a token for Gmail to use in connections? EDIT: The application is meant to be used mo...

How to programmatically access a password protected website?

Part of our website is protected with .htaccess style password protection. When you try to access this area of the website the web browser pops up a dialog asking for your username and password. I need to access this programmatically (e.g. with an ajax call). How does the server tell me it needs a password and how do I supply it? ...

Java, console.readPassword adds extra line. How to delete it?

Hello! When I use console.readPassword() to read user passwords through console, there is always one line added to the console. How to disable this behavior or how to delete that extra line (and move the cursor after the last character in the line before)? What escape character to use? Thanks ...

Photo safety on my website

Hi, I created a website from scratch using HTML and style sheets by following a "How to...." book so I am at a very basic level of knowledge. My question is I have photos on my site and wonder how safe they are. Can I make them safe? Can anyone copy them? Would a password to access the site help? Any help will be much appreciated. Thanks W...

Making Django.contrib.auth store plain-text password

I have a Django-based site (not yet launched, so there are no real users) using plain django.contrib.auth, and want to store passwords as plain-text, not salted SHA-1 hashes. The question is what's the best approach to do this, hopefully, without patching (or monkey-patching) Django source code? NOTE: I perfectly know this is certainly...

How to mask a password in Java 5?

I am trying to mask a password in Java. Sun Java has suggested a way to mask a password as follows. Masking a password It uses a simple way to do that. public void run () { stop = true; while (stop) { System.out.print("\010*"); try { Thread.currentThread().sleep(1); } catch(InterruptedException ie) { ie.prin...

Importing MD5+Salt Passwords to MD5.

I'm moving my site from an oscommerce store to a commercial application. The new application stores its passwords using straight MD5 encryption. Oscommerce stores the password using MD5, but also adds a random 2 digit number (provided in plaintext) to the hash. Here is what someone posted on a forum: The two characters added are ...

Handling forgotten passwords when designing desktop applications

Hi. I'm in the process of creating a traditional desktop application, and I'd like to enable the user to protect the application with a password. I was wondering what people tend to do in terms of helping the user if they can't remember the password? I don't want them to be locked out of the app entirely because of it. If I were creat...

Create password protected zip in Java

My question is similar to this one: Write a password protected Zip file in Java, but what I need is to create password protected zip file using mechanism simpler than AES because not every archive manager can unpack AES-protected zip files (for example WinRar is not able to do that). Do you know some free library that can password protect...