I have a series of interlinked web pages, and I want to restrict access to these pages by asking the user to provide a login and password. However, my hosting account currently does not provide any facility for server side scripting - is there any way I can accomplish this objective using only client side scripts? I was wondering how th...
Would like to create a strong password in C++. Any suggestions? I assume it should use alpha (upper and lower), numeric, special characters. It would be good to be able to specify a minimum length. It would be great to avoid characters that are hard to visually distinguish like "O" and "O" It would be great to void all characters same,...
Is there an equivalent of the OS X Keychain, used to store user passwords, in Windows? I would use it to save the user's password for a web service that my (desktop) software uses. From the answers to this related question (Protecting user passwords in desktop applications (Rev 2)) and the multitude of third party password storage tools...
I'm using C# and have a windows form containing a property grid control. I have assigned the SelectedObject of the propertygrid to a settings file, which displays and lets me edit the settings. However one of the settings is a password - and I'd like it to display asterisks in the field rather than the plain text value of the password ...
We're using the standard ASP.NET authentication provider (AspNetSqlMembershipProvider as it happens) and the defualt password strength requirement is a little excessive for our needs. We require our users to enter a password that is alphanumeric at least (i.e, letters and at least one number mandatory, mixed case and non-alphanumeric ch...
I have a program that is going to take a password as input and then do a shell execute to perform a "su" (switch user) command in UNIX. However, I don't know how to pass the password variable to the UNIX su command. The language I have to use for this is pretty limited (UniBasic). Any ideas? ...
What is the best way to send a password to a Windows Service? Our application needs a password in order to start. I don't care that services are "normally" supposed to run without user interaction. Its good enough for us that an operator can start the application and then log off. On a unix system, I would just echo the password over ...
On more than one occasion I've been asked to implement rules for password selection for software I'm developing. Typical suggestions include things like: Passwords must be at least N characters long; Passwords must include lowercase, uppercase and numbers; No reuse of the last M passwords (or passwords used within P days). And so on....
Hello, i'd like to prevent bots from hacking weak password-protected accounts. (e.g. this happend to ebay and other big sites) So i'll set a (mem-) cached value with the ip, amount of tries and timestamp of last try (memcache-fall-out). But what about bots trying to open any account with just one password. For example, the bot tries a...
What are the typical characters allowed in text fields in a new user sign-up? Are there www standards? Especially interested in Username and Password character types allowed. ...
I am writing a perl script that manipulates password protected zip files. Consequently I need to store & retrieve passwords to do this. I have three options for storing the password: Store in plain text. Before you jump in, I have pretty much ruled out this option. Use a simple password munger to prevent casual/accidental access (even ...
Is it possible to store passwords on the local system (Windows XP) that can only be accessed by the application itself? My instinctive answer would be "no". Even if some kind of hashing or encyption is used I would think that as long as the source code is available then the determined seeker could always use this to retrieve the passwo...
Hi all, My company, like everyone else's, requires password resets from time to time. This is all good and well for security's sake, but I'd like to explore the challenge of resetting it through a script (notably because we can't use our previous 25 passwords; Perl is much quicker about cycling through a list two-dozen deep than my fing...
I remember seeing a way to have an <input type="password" /> such that the browser will not prompt the user to save the password. But I'm drawing a blank (its late...). Is there an HTML attribute or some JavaScript trick that will do this? ...
I have a mySQL database behind a Joomla install. I changed the database password because I forgot it but now Joomla crashes looking for the database. I guess joomla has the password written somewhere - if anyone knows I might be able to manual edit it and enter the new database password. Otherwise I'm hoping a manual install of a back...
I'm trying to create system users with a php script securely, In that, I'd like to be able to hash the password with the php script, so that their password shows up nowhere in the bash history. How to I take a string, and hash it so it is a unix password hash? $UX_PW = some_function('my_password'); exec("useradd -p $UX_PW newusername")...
Ok, I have an application written in C#. We have data in an SQL Server. Among that data we have user accounts, which will give access to the application. I've read around, and I know that you should salt and hash and possibly hash a bunch of times, etc. But, where do I do what? What do I send to and from the SQL Server? Exactly what do ...
I am trying to implement the simplest shared 'files' folder for a website but wish to have a 'reasonable' level of access control - i.e no casual multimegabyte uploads from passing hoi-polloi. Users are given a password etc. They then log-in, once credentials are successfully checked, they are given one of two possible access rights - r...
How does one check to see if a user has typed in the right password to log in? This is what (out of a bunch of combinations...) I am doing: <? $login = $_POST['login']; $password = $_POST['password']; mysql_connect('localhost', 'root', 'abc123'); mysql_select_db('aun_vox') or die(mysql_error()); $q = mysql_query("SELECT password FR...
In some way I have managed to get this error when I try to access into MySQL via the command line: [root@localhost ~]# mysql -u root -p Enter password: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) I have tried resetting the password without any luck using this HowTo. I have uninstalled mysql com...