passwords

A set of valid characters for web site passwords

Hi I was composing a regex for a password field of my site and had a concern: Are there any characters I should block a user from entering? If so why? Or is it enough just to escape dangerous characters like = and ' when processing data? It seems good for this topic to list the php functions for escaping those, if you would. Thanks! ...

Why encrypt user passwords?

Possible Duplicate: Why arent original passwords stored? Why would one store encrypted user passwords in a database, if the password is the least valuable part of the data? It doesn't seem like it would affect external attacks; setting a limited number of login attempts per day per account would be effective. It doesn't seem l...

Convert leet-speak to plaintext.

I'm not that hip on the L33t language beyond what I've read on Wikipedia. I do need to add a dictionary check to our password-strength-validation tool, and since leet-speak only adds trivial overhead to the password cracking process, I'd like to de-leet-ify the input before checking it against the dictionary. Edit - To clarify the r...

Want to have a password input screen just like the unlock the device interface

I'd like to design a password input screen and I'd like the "unlock device" interface. How to implement it in iphone SDK? Any sample code? I can't find the four square box that in IB. Shall I build it my own? ...

SSIS: Is it possible setting a password for a ssis package just like we did for dts legacy packages?

Is it possible setting a password for a ssis package just like we did for dts lagacy packages? I've created a new ssis package but do not know how to set a password for it? ...

How can you test if an AD password will meet configured complexity requirements?

Hi In a net 3.5 csharp application I need to know in advance if an AD password will meet configured complexity requirements. How can you do that? TIA ...

Password encryption in Jackrabbit

I am currently standing up a Liferay portal instance. Liferay uses Jackrabbit as its document repository management system. To configure Jackrabbit, I had to put in my database access URL, user name, and password into the repository.xml file. However, one certification check I have to pass is that there cannot be passwords stored in p...

.pfx password issue C#

A new topic too me is file extension .pxf security. Even though I get the password, I don't know how to use them. How does this work on .NET programming? Especially unlocking pfx-secured assemblies. Assignments are submitted as compressed solutions. Normally, I unzip files and open them using Visual Studio 2010. ...

Generating passwords in Python 3.1.1

I am looking to generate passwords using strings typed by the user, the book I am reading recommends using sha over md5 because it is considered stronger. sha however has been deprecated and I am now using the hashlib module to encrypt me strings in a similar way to that shown here: http://docs.python.org/py3k/library/hashlib.html#modul...

JavaScript doesn't work in my frames?!

Hey! I am making a homepage at the moment and I have made an edge around the "main page" with frameset... that was probably stupid, but now my JavaScript for some reason doesn't work?! What I want to do is make a username and password protected page using javascript. The script itself is as follows: function logIn(); { var username ...

Storage of passwords in Google Chrome Extension.

I started reading Google Chrome's documentation, and liked it's approach of using HTML and Javascript to create extensions. Reading this tutorial about Local Storage made me think about a lot of different uses. I want to develop an extension to help me with corporate systems. It's very specific, and it's only going to be used inside a c...

mysql phpmyadmin user password for database

i am using phpmyadmin; i created a database; now i want to locate the username and password for this new database i created. note, i am not sys admin, i am only the developer, but i do have access to create db on mysql in phpmyadmin. does my sys admin needs to tell me the username and password to access this db, or i can telnet and get i...

IE 8 input type text/password bug

<tr> <td>Password:</td> <td><input type="password" name="j_password" id="j_password"/></td> </tr> The code above increases the CSS offset of the input element 6 pixels right. If the type is changed to 'text' as opposed to 'password' the CSS offset is not increased. I would file this as a bug with MS but I don't have the time nor e...

What is better hashed or encrypted passwords?

What is best for storing passwords? Should I be Encrypting or hashing password for you users table ? What do you prefer, and why? Could you please provide an example of secure password storage. ...

is there a tool that can extract all strings from any type of file?

i'm looking for an alternative to wyd 0.2 that can extract strings from any type of file it comes across. thanks =) ...

Is there a Java equivalent/implementation of cracklib?

I need to implement minimum password complexity checking in a Java web application (Spring/Hibernate). It seems that on Linux I could use pam_cracklib, but is there a pure Java alternative? ...

Prevent Rails from caching a password

I'm setting up an edit profile page. And the password is available for change on it. The only problem is that the password_field gets prepopulated with the password, and when they just want to change their name, they must also change their password as well. Does anyone know a common workaround to this? ...

What is a good way to produce a random "site salt" to be used in creating password retrieval tokens?

I would like to create a site-wide hash to be used as salt in creating password retrieval tokens. I have been bouncing around stackoverflow trying to get a sense of the best way to do this. Here's the reset process: When a user requests a password reset email the code generates a retrieval token: $token = hash_hmac('sha256', $reset_h...

secure way to deliver password over URL?

hey guys, i wonder if there's a secure way to deliver a password with an URL (like ?p=mypassword) how can i encrypt and decrypt such a password so it's secure. i guess md5 is not working in my case because the password must still be readable. It's an FTP passwort which gets passes along to the ftp_connect. i think md5 doesn't work in t...

password protection while crating .tar file?

Hi , could anyone can give me a solution for protecting my application backup facility with default password internally Am using to create a ".tar.gz" file format by make use of the 'import tarfile'. Is there any object in it to set the password? ...