passwords

ASIHTTPRequest: keychainPersistence

ASIHTTPRequest can store the username/password in the Keychain. How does this work? 1) Is the built in authentication dialog (ASIAuthenticationDialog) coming up and stores the username/password only for the first time? When will the dialog be presented? 2) What about the next requests? Is always the same username/password used? 3) Wha...

ASIHTTPRequest: check if username/password is correct

How can I check a webservice if the username/password is correct? I don't want to transfer the whole response body. I only want to know if the username/password exists and is correct. Currently I'm sending a request to my webservice like this: self.request = [ASIHTTPRequest requestWithURL:urlObject]; [self.request setUsername:username]...

What does the $4$ mean in the output of sha1pass?

When creating a password with sha1pass, the first value from the token, is '4'. For instance: sha1pass test gives us: $4$GTdnmykS$25iwV+ruXRwor4pUmKF57uXHj70$ The token uses $ as separators: 25iwV+ruXRwor4pUmKF57uXHj70 is the computed hash, GTdnmykS is the generated salt, since I didn't supply a second parameter, but what does tha...

Multiple Password Hash

I'm currently working on a Web app that requires a high level of security and I've been thinking about the password handling. That I should use a hashed password, with a large enough salt is a given, but would it be a benefit to hash the password multiple times with different salts or different algorithms? I'm not referring to the fact ...

email address as password salt?

Is it a bad idea to use an email address as a salt for a password? ...

Best approach for passing passwords to command line applications

What do you think will be the optimal method of passing passwords to different applications? Giving the password as a command line argument is not acceptable because this will be visible in logs - especially in an automation system. At this moment I'm considering two possibilities: providing the password in a file or temporary setti...

How/can I create single folder access per user on one database?

I have an existing website with a php database and multiple users; however, once logged in each user has access to every folder on the database. I want to limit users to one folder. How/can I create single folder access per user on one database? ...

What hashing algorithm should I use?

The PHP function hash_algos() gives me this list on my webserver: [0] => md2 [1] => md4 [2] => md5 [3] => sha1 [4] => sha256 [5] => sha384 [6] => sha512 [7] => ripemd128 [8] => ripemd160 [9] => ripemd256 [10] => ripemd320 [11] => whirlpool [12] => tiger128,3 [13] => tiger160,3 [14] => tiger192,3 [15] => tiger128,4 [16] => tiger160,4 [17...

Options for Mobile Device VPN (Virtual Private Network)

My employer uses a Juniper product for web based VPN - it apparently has all the connection settings preset. But it requires Java/JRE so it does NOT run on Mobile devices like RIM, Apple or Android. Are there any good alternatives for VPN applications? Perhaps something that would connect to the same independent back end? How safe it...

What's the standard minimal and maximal length of username, password and email?

What's the standard minimal and maximal length of username, password and email? ...

How to protect a Google App Engine app with a password?

How would you implement simple password protection on a Google App Engine application? No users authentication, just simple requirement to enter a password in order to open specific page. The other requirement is that the target page should not be displayed if its URL is entered directly. I'm looking for a solution using Python. ...

How do browsers choose which field is saved as 'username'?

This may be really simple, but I'm wondering how browsers that offer a 'remember your password' facility select the 'username' to save? I'm working with some asp.net that is spitting out its usual incomprehensible id/name values and the browser is offering to remember the registration form's 'postcode' field as the username, rather tha...

Java and Kerberos

Hello, I would like to compare a String to the password of the currently authenticated user (encrypted keys comparison). It seems like retrieving password from the ticket cache but how can I do that? Thank you ...

generating a batch of random passwords

Generating a random password is easy, but generating a batch is more difficult. public static string getRandomPassword(int letters, int getallen) { //int letters = 8; //int getallen = 5; char[] letterdeel = new char[letters]; int minGetal = (int)Math.Pow(10, getallen - 1); int maxGetal = (int...

Postgres Rule to invalidate user passwords every 60 days

Hi all, I am having some trouble invalidating user passwords every 60 days on my postgres database: CREATE RULE user_expiration AS ON UPDATE TO users DO INSTEAD UPDATE user SET user_expires = user_expires + '60' This will work every time the user changes their password, however it also works every time any...

RAR passwords, why don't rainbow tables work?

I've been looking around for encryption and I've seen several implementations of Rainbow Tables work like a charm on passwords (say Windows). I'm yet to see an implementation of a Rainbow attack on a RAR file. Why is that so? What makes RAR encryption more secure and immune to these sorts of attacks? ...

Javascript: Enter does not work for submitting password

I can't get the following code working: when I press enter in the text-box, the function is not called. I can't see why though... <form> <p align="center"> <input type="password" class="password" name="text1" onkeypress="submitonenter(text1.value,"money","cash",event)" /><br> <input type="button" value="Enter" style="width: 100px" name=...

Password strength meter

I'm using Rails 3. Could anyone suggest me a plugin (jQuery, Prototype) that works well? It will be fantastic if there is a plugin for formtastic. ...

How to improve remember password option when you have different logins for different subdirectories?

The browser's remember password feature is a nice one, but it has a problem when you have several logins for several sections, something like: / - one login /private/ - another login /admin/ - another login The problem is what you can do in order to make the browser be smarter and do proper remember/autocomplete of user/passwords for each s...

SVN encrypted password store

Hi, I installed SVN on a Ubuntu machine and I can't get my head around something. Whenever I checkout something from the terminal I get this error about saving a non-encrypted password: ----------------------------------------------------------------------- ATTENTION! Your password for authentication realm: <[...]> Subversion Rep...