passwords

how to pass password for rsync ssh command

I need to do rsync by ssh and want to do it automatically without need of passing password for ssh manually. ...

Generated password characters that are hard to mistake

I am developing a tool where a short pass code is generated. That code will be read to the intended user, so I want to limit my character set to letters that are hard to mistake. Both the reader and the listener will be untrained, so any solution must be transparent to them. I want to be able to just give them the passcode and have it...

Set Active Directory password hash to a SHA1 value?

I'm syncing users from an external system into ours. I need to set the user's password in our Active Directory. I am only provided SHA1's of the external user's passwords and setPassword will hash whatever I is input. Is setting the User's unicodePwd the actual hash field? If so, can I just set it to the provided hash? If not, how/...

How to implement MD5 hashing in a user registration and login system?

I am using PHP and Mysql. I want to know how to send password hashed using MD5 and want to check against it when the user tries to log in. I tried it, but it's not working properly. If anyone knows how to do it, please provide me the code. ...

Limiting characters of password

i have a simple question.. in registration script.. how can i set the limit character of a password. sample: minimum character is 6.. so what will be the code. please help me. :-( ...

Check password before decryption.

I'm writing small program (C++) to encrypt/decrypt files. Before decryption I would like to check if password given by user is correct. My idea: Add at the beginning of file some string (for example: "GOOD"); Encrypt file When decrypting first decrypt the beginning of file and check for "GOOD" string Is this correct? ...

Hide/encrypt password in bash file to stop accidentally seeing it

Sorry if this has been asked before, I did check but couldn't find anything... Is there a function in Unix to encrypt and decrypt a password in a batch file so that I can pipe it into some other commands in a bash file? I realise that doing this provides no real security, it is more to stop someone accidentally seeing the password if t...

Figure out if a website has restricted/password protected area

Hi, I have a big list of websites and I need to know if they have areas that are password protected. I am thinking about doing this: downloading all of them with httrack and then writing a script that looks for keywords like "Log In" and "401 Forbidden". But the problem is these websites are different/some static and some dynamic (htm...

Initial User Password Import to MYSQL

I inherited a site with a with a large user base. My client is updating their records and I need to import some predetermined passwords for about 900 users into a mysql table. The row that I am importing to seems to encrypt the passwords if I enter them through the php front end. I can get all of the passwords to import into the table us...

What is best practice for dealing with passwords and configuration files?

I'm writing an internal business application that needs to access a number of different databases. Each database needs a different password. I'm loathed to actually hard-code my passwords because if they change then Ill be forever having to modify them in my code. Not to mention the fact that there is no attempt at security in this situa...

Is it possible to add a "Master" password for an encrypt/decrypt program?

Hi! I've written an encryption program that encrypts and decrypts selected files using a user-entered password as the encryption key. Once en/decrypted, the user will be asked if they want to delete the file that was used, and, in the case of decryption, open the newly decrypted file. My brother came up with an idea for this applicati...

a better approach than storing mysql password in plain text in config file?

It's always bothered me that many PHP programs require the user to store the mysql password in plain text (in a string or constant) in a configuration file in the application's root. Is there any better approach to this after all these years? So far I have come up with two minimal security boosts: make the file unreadable via the web...

Changing membership providers / password hash values...

I'm in the process of migrating an application from .Net forms to MVC. The application currently uses a custom membership provider and I would like to convert it to use the SQL Membership provider. I'm hoping to use the current user passwords as is. The "old" application uses "ComputeHash" in System.Security.Cryptography.SHA1CryptoSer...

What is best way to salt password?

Hello, can you please tell me what is best way to salt password. Which method best? Thank you. ...

Use wordpress database for other script

My website used to work on wordpress engine but now I'm writing my own script. The problem is that users passwords in wp_users table are encoded in a strange way... Can anyone please tell how should I encode it so that it worked on my new script? ...

how to ssh onto a host without password using java

Hi All Im currently using a java application to run commands on a unix box by invoking an instance of the bash as follows -- proc = Runtime.getRuntime().exec("/bin/bash", null, wd); and Im executing commands on the box by Printwriter as follows -- PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(proc.getO...

Password extractable from executable code?

If a password is hard-coded into a variable in source code such as VB, could someone extract this password by looking at the compiled executable code? If so, what can be done to avoid this? ...

How can I generate a random English "sounding" word in .Net?

I know there have been several posts about random word generation based on large dictionaries or web lookups. However, I'm looking for a word generator which I can use to create strong password without symbols. What I'm looking for is a reliable mechanism to generate a random, non recognised, English word of a given length. An example ...

How could I emulate an HTML password field (but one which fires keydown events)?

I need to be able to record keyboard events on elements that act like password (masked) inputs. It sounds sinister, but I assure you it's not. I am not a phisher or scam artist of any kind. My users will be made aware that there behaviour is being analysed and are instructed not to enter a password that they use anywhere else. With tha...

Password validation Regular expression

I have a password validation like the following rules Should contains at most 15 chars and 8 chars at least Password should contain 2 numeral character There is no importance where to put the two numeral chars in start or end even if they anywhere in the password ...