We just upgraded our Visual Studio 2008 projects to VS2010. All of our assemblies were strong signed using a Verisign code signing certificate. Since the upgrade we continuously get the following error: Cannot import the following key file: companyname.pfx. The key file may be password protected. To correct this, try to import the c...
I've read a number of SO questions on this topic, but grokking the applied practice of storing a salted hash of a password eludes me. Let's start with some ground rules: a password, "foobar12" (we are not discussing the strength of the password). a language, Java 1.6 for this discussion a database, postgreSQL, MySQL, SQL Server, Oracl...
Now I am doing a android porjct. The project needs get the default username and password of Android phone. I don't know how to get the default gmail information of one Android Cell Phone. Can u help me. Thx. ...
In windows xp, I start sqlloader.exe to load data onto Oracle. This works great, until my password contains an @-sign, that is also used by sqlloader parameters to determine the database to connect to: sqlldr.exe userid/password@database control=ctrlfile.ctl How can I make sqlldr.exe accept a password like p@ssword? I tried with single...
Is this how hashed password stored in SQL Server should look like? This is function I use to hash password (I found it in some tutorial) public string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashB...
Is there a way to password a protect an applet? ...
Is there any way to have socket.socket.recv run with hidden input. For example, if I was asking for a password I would want the input to be hidden, as if I were running the "sudo" bash command. Edit: socket.socket.recv asks for data on the remote end. When you are connected to the server it will ask you for text and when you type it in i...
I have looked a bit into cryptography and related matters during the last couple of days and am pretty confused by now. I have a question about password strength and am hoping that someone can clear up my confusion by sharing how they think through the following questions. I am becoming obsessed about these things, but need to spend my t...
Is there a way to hide my password for database access in my config.php configuration file ? What is the best way to do this ? I want to hide to visitors and hosting's admin :) ...
I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an ...
I have a form field where users can change their passwords, but if they set their settings to remember passwords, their password shows up. Is there a way to make the field always empty? So that they always have to type their password. <label for="oldpassword" class="styled">Old password:</label> <input type="password" id="oldpassword" n...
Hi everybody, this question might seem stupid, but here's the situation: I'm trying to create an auto login page for my mail using jquery's post request, but it's not working, it works with all other pages except with webmail. So, trying to figure out what was wrong, I recreated the login form, here's the code: <form id="form1" name="fo...
I have Java Applet(J2EE), I want to make it accessible only to a certain set of users,by authenticating them using username and password.What is the the best way of doing this? ...
Hi all, I am looking to automate the changing of passwords across multiple services and servers. For example: I want to change the root paassword to all of my web servers at once. I am thinking of writing a ruby script, but have you guys run across anything already written? If so, would that also give me the ability to change other sys...
I am generating salt and hash values from my passwords by using, string salt = CreateSalt(TxtPassword.Text.Length); string hash = CreatePasswordHash(TxtPassword.Text, salt); private static string CreateSalt(int size) { //Generate a cryptographic random number. RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); b...
I stored salt and hash values of password during user registration... But during their login i then salt and hash the password given by the user, what happens is a new salt and a new hash is generated.... string password = collection["Password"]; reg.PasswordSalt = CreateSalt(6); reg.PasswordHash = CreatePasswordHash(password, reg.Pass...
hi i am generating random password. but i want to get phonetic string of the password. Any idea how can i get phonetic string? example : deT3f9y => delta - echo -Tango - number 3 - fox - number 9 - yankee ...
I am building a suite of batch jobs that require regular access to a database, running on a Solaris 10 machine. Because of (unchangable) design constraints, we are required use a certain program to connect to it. Said interface requires us to pass a plain-text password over a command line to connect to the database. This is a terrible se...
Hi there. Im searching for the most secure (but yet doable) way of password management in a web app. Right now, I save the password as hash. The DB account of the app is restricted to excecution of stored procedures and I authenticate users by giving the username and the hashed password to a stored procedure that returns 1(true) or 0(...
I am developing a web service and I need to send a username and password to the service in a GET method. Is it OK to send this information in the uri as long as it's going over a secure channel like ssl? In other words, can I have a uri that looks like /users/{username}/{cleartext_password}? Edit: Sorry, I think I was unclear. The web s...