I need to create a flash projector application which can be interacted with, but will not close unless a password is entered. I have created the projector file which I have created a close button with a password popup, but this doesn't do anything if the user presses ALT+F4 or Escape etc.. I either need to disable these combinations of...
I've got an old application that has user passwords stored in the database with an MD5 hash. I'd like to replace this with something in the SHA-2 family. I've thought of two possible ways to accomplish this, but both seem rather clunky. 1) Add a boolean "flag" field. The first time the user authenticates after this, replace the MD5 pas...
I have a usual login form consisting of two input fields, one for login, one for password. I am currently trying to add a control that will show entered password as plain text, so user can check it for typos. The problem is that browsers (at least Firefox) do not allow dynamic changing of type attribute of input fields, so I cannot just...
Recently I came across this word in a basic authentication article. What it meant by base64 clear text usrname and password on the network? Thanks ...
I'm quite new to jQuery, and I've written a simple function to check the strength of a password for each keypress. The idea is that every time a user enters a character, the contents is evaluated to test the strengh of the password they have entered... I'm sure everyone has seen these before. Anyhow, the logic I have used is that no pa...
I currently use, base64_encode() to encode a user's password, this works well because it allows me to simply use base64decode() to decode the password to a word and send to there email if they lose there password. I have been reading up on password though and a lot of people seem to say that you should use sha1() to encode a password....
Having an issue with random individuals trying to access an intranet site with a security certificate. Most users are able to simply select their Smartcard/CAC certificate, enter the pin number and then are granted access to the site's pages. However, random individuals enter their pin and then are immediately re-prompted by the IE aler...
Hi I need to use the SqlMembershipProvider without password to new users. How can I do that? Thanks! ...
I am making a custom ftp client that logs onto a single ftp site and goes to a specific folder to avoid users' putting files in the wrong place. I'm not super concerned about it, but the password is just a string to initiate the new ftp object. FtpClient ftp = new FtpClient("www.markonsolutions.com", "user", "password"); What is the ...
i have an account in an MYSQL website.. i forgot the password but still know my username. i always use username'-- for the past week to crack it. but now its blocked. how can i enter it again? ...
On a modern Unix or Linux system, how can you tell which code set the /etc/passwd file stores user names in? Are user names allowed to contain accented characters (from the range 0x80..0xFF in, say, ISO 8859-1 or 8859-15)? Can the /etc/passwd file contain UTF-8? Can you tell that it contains UTF-8? What about the plain text of passwo...
Here's the situation - its a bit different from the other database/password questions on StackOverflow.com I've got two sets of users. One are the "primary" users. The others are the "secondary" users. Every one has a login/password to my site (say mysite.com - that isn't important). Background: Primary users have access to a third sit...
I've been reading up on the benefits of salting and hashing passwords, but one thing still eludes me... When I provide a random salt for each user, how do I then know what the salt was when I try to authenticate them to login? so if I do.. HASHPW = PW.RANDOMNUMBER I could store the random number in the database, but that seems to k...
I've created an e-commerce site that uses paypal to accept payment. I am in the testing phase so I have password protected the entire site using htaccess. The trouble is that I am using IPN to verify PayPal payments and therefor my IPN script needs to be publicly accessible so that PayPal can communicate with it. Is there a way to pas...
How can I have a password inside PHP code and guarantee that no one viewing the page in the browser can retrieve it? Is, for example, <?php $password = 'password' ?> enough? Is there a better, more secure way of doing this? Thanks. ...
I'm working on a user authentication thing for a web site. Having read the book Innocent Code, I have followed its advice for storing passwords as hash(username+password+salt). The theory being that hashing the password alone is not secure (subject to dictionary/rainbow table attacks, and potentially not a unique hash on any given site ...
What strategy do you use to avoid storing passwords in version control? Currently, I have development/test/production passwords saved in three different files and the appropriate file gets used during deployment. All this is committed to version control, but I'm not too happy with that since not all developers need to know those passwor...
Is it better when a user forgets their password to have them reset their password or to just send the lost password back to them? ...
i forgot my drupal user id and password. Is there any way to recover it ...
First of all, I am well aware of that there are many of questions regarding this topic. I have read them, but still could figure out an appropriate answer for my situation. I would like to scp the entire ~/cs###/assign1 dir from local to school home dir with a shell script. My question is, is there a way in my script to wait for the pas...