passwords

How to validate that a file is a password protected ZIP file, using C#

Given a path to a file, how can I validate that the file is a password-protected zip file? i.e., how would I implement this function? bool IsPasswordProtectedZipFile(string pathToFile) I don't need to unzip the file -- I just need to verify that it's a ZIP and has been protected with some password. Thanks ...

Weird input text and input password erasing default input password

I have a simple text and password input with default username and password filled out. If I put focus on the text input and then remove the focus, it erases my password input for some reason. This only seems to happen on firefox. I thought it would be my surrounding code, but I tried moving everything to a blank page and stripped everyth...

Ruby password SHA512 hash replication using PHP

Hi there, is there any way I can reproduce this ruby function: def Password.hash(password,salt) Digest::SHA512.hexdigest("#{password}:#{salt}") end In php. Cheers ...

Password Recovery tool in C# not working

Hi (I'm pretty new to this), I have created a portal where the user logs in and within that, they can view other programs I've made. The problem is the password recovery does not seem to be working - I get no error messages, I just get the message "We were unable to access your information. Please try again." I have the ASP.NET configur...

Storing passwords for authentication against another system

This is not the usual question "Is it safe to store plain-text users' passwords?". No, it's not safe, we all know that. I'm writing a little application that should authenticate against an external system to do some stuff, and the only available authentication method is through a username and a password. It was intended for humans, and ...

What is the best way to determine duplicate credit card numbers without storing them?

I run a website where we mark certain accounts as scammers, and "flag" their account and all credit cards used as being bad. We don't store actual credit card values, but are storing a checksum/MD5 algorithm of it instead. We are hitting collisions all the time now. What is the best way to store these values - non reversible, but ab...

How to encrypt passwords for JConsole's password file

I am using the JConsole to access my application MBeans and i use the the password.properties file. But as per the Sun's specification this file contains passwords in clear text formats only. com.sun.management.jmxremote.password.file=<someLocation>/password.properties Now i would want to encrypt the password and use it for the JMX us...

git-svn password change

I'm using TortoiseGit on Windows XP. My team all use a central svn server as our central "canonical" code repository. It's all run on a windows network. I work locally with git, then use git-svn dcommit to commit regularly to the svn server. Our network enforces a regular password change - which changes my password for the svn server ...

Display a password prompt in Firefox

I'm writing a Firefox extension, and would like to display a password prompt. I don't just want to use the JavaScript prompt function, since it doesn't hide what's being typed. Instead, I'd like to have a prompt where the characters typed are replaced with asterisks or dots. Is there some way I can use a built in Firefox password dial...

how does IM remember password securely?

How can msn messenger and others provide a way to remember password on disk and then send it to the server for authentication later? I searched for this topic and found a couple solutions such as BCrypt. However it stores hashed value and i can't send it to the server to authenticate. Others suggested do not save but that is not very pr...

phpBB global password

How can I create a global password in phpBB, as in all forums are locked/unviewable to begin, and typing it in once unlocks all of them? It would also help if it stored the password for future visits, as well as not requiring a password for registered users. I know that I could use a .htaccess/.htpasswd solution, but 1. it requires both ...

Need help in asp.net password textbox

Hi all, I have problem with password text box control. I have username textbox, password textbox, retypepassword textbox. And i have drowpdownlist with items Website, Newspaper, Others. After filling username, password, retype password in textbox. Whenever i am selecting items Newspaper and Others items from drowdownlist, password and re...

ASP.Net Membership saves changed password as plain text even with Hashed passwordFormat set

Hi all, I'm using the ASP.Net SqlMembershipProvider to manage my users. Here is my config: <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15"> <providers> <clear /> <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral,...

Password protect a simple web site

I've got an HTML-only website (with a bit of inconsequential javascript). The static pages are generated from a photo-blogging program that I created. There are hundreds of pages and thousands of pictures. I'm considering adding very basic security to the site (as a marginal impediment to someone who's casually attempting to access th...

Simple JAVA: Password Verifier problem

I have a simple problem that says: A password for xyz corporation is supposed to be 6 characters long and made up of a combination of letters and digits. Write a program fragment to read in a string and print out a message as to whether or not the string entered would be considered a valid password. I need help on completing this code....

How should I store a user's LDAP password in a cookie?

So I have this black box authentication method, handed down to me from the accounts people, which basically amounts to ldap_bind($connection, $username, $password). But of course, I want my users to be able to log in for, say, 30 days at a time. The naive but insecure way to handle this is to store the username and password in plaintext...

Using HTTP POST for login forms

I regularly use a standard form to send login information through the HTTP POST method and then validate it using php to check if the details are correct. I use an md5 hash on the passwords (and sometimes usernames) to give some degree of security, so I'm not storing a raw password in my code in case it's viewed by an unauthorised person...

encrypt a password textbox in create view

hi thre i want to provide a textbox that would allow the user to encrypt a text i will basically use that in my create view for users and i have username and password textbox html helper how would i apply an encrypt functionality for the password textbox html helper? let say i have a button encrypt beside the password textbox... th...

Is forcing complex passwords "more important" than salting?

I've spent the past 2 hours reading up on salting passwords, making sure that I understood the idea. I was hoping some of you could share your knowledge on my conclusions. Say the salts on a system are 12 characters. If i'm an attacker, I don't have to create a rainbow table of all the combinations of those 12 characters with each entr...

Does a library exist to remove passwords from PDFs programmatically?

Does a library exist that will remove "owner" passwords from PDF documents so that the text can then be programmatically extracted from them? Something like PDF Technologies' Password Recovery tool, but callable from the command line or from Python. A GUI interface is not really useful to me, since the number of documents is so large. P...