Questions tagged [passwords]

1

votes
1

answer
140

Views

Migrate bcrypt password hash from PHP to Python - ValueError: Invalid hashed_password salt

I have a PHP7 app which hashes users passwords like this $hash = password_hash($password, PASSWORD_BCRYPT); For example, if I pass test1234 to that, I've got: $2y$10$aazE9OUKZlOQiM6axwxU/utpOURLQ58pluqtFZkkGE3R9ShtUxBOm Now, I have a Python app, which has to update users passwords too. It uses somet...
barell
0

votes
0

answer
4

Views

This password reset token is invalid while trying to reset password in laravel

I am having issue in my password reset and i am getting the error of this password reset token is invalid i am unable to solve this issue: My Controller: class ResetPasswordController extends Controller { use ResetsPasswords; } My Routes: \Illuminate\Support\Facades\Auth::routes(); Route::get('passw...
syed1234
1

votes
1

answer
33

Views

Does encrypting password multiple times in different encryption middleware work?

So, this is just a random thought. if I encrypt a password and encrypt its salt into another encrypt middleware. would it strengthen the password's privacy from potential hacker, or is it just a poor attempt? please enlighten me. bcrypt.genSalt(saltRounds, function(err, salt) bcrypt.hash(myPlaintex...
1

votes
0

answer
44

Views

Does the PHP password_hash salt include the trailing period?

According to this image: PHP password_hash diagram from the PHP docs, the salt includes a trailing period, however as evidenced by previous information in 'Algorithm Options' in which the trailing $ goes unused, this trailing period would go unused. I'm more inclined towards it being unused but it's...
Grey Face No Space
1

votes
0

answer
33

Views

Password protect https apache server

I'm having trouble adding apache password protection to the HTTPS version of a site. This server is running Ubuntu 14.04 and I've installed apache2. There is only one site on the whole server. I have succeeded in password-protecting the HTTP version of the site by entering the following code in /apa...
MBWD
1

votes
1

answer
348

Views

How to allow asp.net passwords to include special characters like “<” and '“>”

How to make asp.net to allow the less than() symbols along with other special symbols to be included in the password field? I have tried setting the page request validation settings but I can't afford to compromise on security. Still I want the '' symbols to be allowed in password fields.
Kiran
1

votes
1

answer
35

Views

How can I know if the creation of a user with email and password was successful? and take actions

For example: firebase.auth().createUserWithEmailAndPassword(email, password).catch(function (error) { // Handle Errors here. var errorCode = error.code; var errorMessage = error.message; // [START_EXCLUDE] if (errorCode == 'auth/weak-password') { alert('The password is too weak.'); exit; } else { al...
user3667422
1

votes
0

answer
270

Views

Does SecureRandom use the same seed on each restart?

I'm currently trying to implement a password hash manager in Java. Looking for the best way to achieve this, I learned about salts. This is the generateSalt function I've found : public static byte[] generateSalt() throws NoSuchAlgorithmException { SecureRandom random = SecureRandom.getInstance('SHA...
WaLinke
1

votes
0

answer
15

Views

How to prevent Firefox/Chrome/etc from updating password in Password Manager?

I have a page where the user updates their password through an AJAX api call. The user inputs their current password along with two copies of the new password. After the form is submitted, the browser asks the user if they would like to update their stored password. For a successful password change,...
Jeff Seifert
1

votes
0

answer
118

Views

Remove show/hide password icon in Safari

Is there any way to disable or remove show/hide icon in Safari which appears when you start typing symbols into the input with 'password' type? I could easely do it in IE/EDGE by adding to my CSS following rule: input[type=password]::-ms-reveal, input[type=password]::-ms-clear { display: none; } But...
Igor Kurylenko
1

votes
0

answer
179

Views

How to generate secure passwords with blowfish encryption in java?

Currently I'm trying to generate Secure passwords, and I have the next method: public String blowfishEncrypt(String pass){ //String encPass = BCrypt.hashpw(pass, BCrypt.gensalt(12)); //return encPass; try{ //KeyGenerator keygenerator = KeyGenerator.getInstance('Blowfish'); String key = 'q2eRE#$%Fwdf...
Cesar gutierrez
1

votes
1

answer
36

Views

password_hash, Password_default causing issue

i have 2 register pages with different codes but i want them to return same password hash ! or at least accepted format by Password_verify first is: function _password_hash($password) { return password_hash($password, PASSWORD_DEFAULT); } $db->query(sprintf('INSERT INTO users (user_name, user_email...
Coda Raafat
1

votes
0

answer
8

Views

how to make a pass word that will redirect me to another page only when its correct. all while staying on the same tab

I'm a beginner and I'm using HTML to embed aspects onto google sites. forgive me if my title wasn't specific or my question is idiotic. this is my code: Enter the password to proceed Password: the problem is it will redirect me to the other page on a new tab that it opens is there any way to keep i...
Max Ratcliff
1

votes
3

answer
57

Views

Store passwords safely but determine same passwords

I have legacy browser game which historicaly uses simple hashing function for password storage. I know that it' far from ideal. However time has proven that most of the cheaters (multiaccounts) use same password for all of fake accounts. In update of my game I want to store passwords more safely. I...
netrunner
1

votes
3

answer
82

Views

Verify a password is hashed

To make it really simple, let's say I've got an application with passwords stored somewhere (it doesn't matter where). The php runs: ⋅ $hash = password_hash($user_input, PASSWORD_DEFAULT); when the user modifies the password, and then stores $hash, ⋅ $Access = password_verify($user_input, $hash)...
Takit Isy
1

votes
1

answer
27

Views

How to Securely Store Various Credentials?

Background: I am working on an application (for a school project) that will essentially become a network asset management and remediation tool. It will scan the network for devices, gather information about them and do some other things not relevant to the question. One feature it would have is allo...
Wulfa
1

votes
1

answer
1.4k

Views

How can I find user and password of db2 database?

I forgotten user and password of db2 database version 11.1.2.2. How can I find user and password?
Priyanka Patel
1

votes
1

answer
50

Views

Java registration simple checker

I have a simple password and text area checker for a registration page. Here all the text area MUST be filled, otherwise a popup JOptionPane. AND the password and the re-entered password (confirm password) should be equal otherwise warning. I don't know how to do this. Code: private boolean check()...
ram kumar
1

votes
0

answer
23

Views

How can I get the check marks to pop up every time one of the requirements are met?

Am stuck on how to get the check mark to pop up every time it meets a requirement. So if all the requirements are met I only get a check mark for having a number but no others. Also are there any other way I can improve my code. All my invalids pop up so all I have left is to just get the check mark...
OddBallG
1

votes
2

answer
1.1k

Views

authentication with only username (id) in laravel

I'm creating a Laravel project where i would like to add authentication based on only a username or ID. the point is that you can connect your client to a device with a certain ID. Goal: i go to the page, type the ID of the product i'm holding and the device gets logged in on the products account. i...
Baksteen-13
1

votes
0

answer
190

Views

MySQL 5.7 - Under the hood of MySQL PASSWORD() function

I am migrating from MySQL 5.5 to 5.7. I would like to understand the algorithm used by the PASSWORD() function (which is implicitly and internally called by MySQL) when creating users. Tests: When I have started my local MySQL 5.7.19 instance, the following command-line print 0 for old_passwords: SH...
Gugelhupf
1

votes
2

answer
258

Views

Remember root password throughout script using Bash

Background I have a long bash script which setup a large environment of interconnected software, taking several hours to complete. A few of the tasks it performs need to be run as root, for which I use sudo .... The whole process is then paused until the user notices and types in the root password....
jmd_dk
1

votes
0

answer
173

Views

Can not install cocoapods because of the password on Mac desktop

I have been trying to install using the command sudo gem install cocoapods on my desktop with OS. X High Sierra. After entering the command, it asks for the password. I enter an administrator password and it replies 'Sorry, try again'. Also, by the password, I see a sign of a key. Does it mean it...
Sergey_yaklichk
1

votes
1

answer
527

Views

excel created a password to unprotect a sheet without me telling it to

I have a protected sheet with certain cells unlocked for editing. I have button click macros that run various processes that temporarily unprotect the sheet to allow the code to run, then protect it again when done. example: sub macro1() activesheet.unprotect ' code here activesheet.protect allowsor...
dusty_j
1

votes
1

answer
23

Views

mysql password error and close

When I run the MYSQL 5.7 command line client, it says 'Enter password'. I entered the password correctly, but the error message appears briefly and exits quickly. So I can not see the error message in detail. How can we solve it?
haramq
1

votes
1

answer
24

Views

.htaccess allow subfiles but not auto index or index.html

I have a sub-directory that I wan't to deny access using htaccess password protection with but allow all other files within this to be directly accessable, eg: www.mydomain.com/images
Stuart
1

votes
0

answer
90

Views

Vbscript to change non admin user IP

A user once logged in I want to change his IP network to a specific static address. This user should not know the Admin's user password. So far I have found success with this vbscript 'run in elevated mode If WScript.Arguments.length =0 Then Set objShell = CreateObject('Shell.Application') 'Pass a b...
F.Mysir
1

votes
0

answer
253

Views

Adding/Removing SQLite database password programmatically

Trying to create functions to programmatically add a password to the sqlite database, and remove it - to get rid of the password when in debug. I followed the steps of the best post explaining it (https://stackoverflow.com/a/1385690/6617804) and all the other sources that I found are using the same...
Gaël
0

votes
0

answer
23

Views

Reverse Engineering Salted SHA1 Password Logic in SQL

I recently took over as an application administrator for an in-house developed app, an app which came with no documentation and no support. I found out my predecessor gave the exact same initial password to every new user, and there is no password policy in place requiring users to change their pass...
overDome
1

votes
1

answer
95

Views

Vba Excel error using SaveAs with password

I wrote a simply code to save every Excel Worksheet as a new file (.xlsx) protected with password: For i = 1 To 7 ThisWorkbook.Sheets(i).Copy ActiveWorkbook.SaveAs ThisWorkbook.Path & '\' & i & '.xlsx', FileFormat:=51, Password:='XXX' ActiveWorkbook.Close False Next i It works but the error is t...
Angelo C
1

votes
1

answer
56

Views

Security of data in memory (Python)

I have an application that uses sensitive information (passwords). As the password is kept on memory (a variable) I wonder if an attacker could read the information stored in the memory. Does python ensure that the variables cannot be read by other software running on the same machine? If not, how c...
Jaime
1

votes
0

answer
239

Views

PHP zipArchive::setPassword not working properly

I have a zip file protected with password. It has two files inside, fileA.php (size=1KB) and fileB.php (size=4KB). When I execute this code: $mipass='xxx'; $zip = new ZipArchive(); if ($zip->open('myzipfile.zip') === true) { if ($zip->setPassword($mipass)) { $zip->extractTo('test'); $zip->close();...
George L.
1

votes
0

answer
35

Views

How do I use a form to check whether the username and password is correct on the same page and then redirect to the profile page if correct?

This is the code that I have on my login page: Log in - neilslist Member Login Username : Password :     Dont have an account? Sign Up Here What I want to do is when the user enters the username and password into the fields in the form, the information is sent to the database to verify if the us...
1

votes
1

answer
213

Views

jQuery: check if input has values auto filled by the browser

If the form input has certain pre-filled values on page load, I want to do certain things to the form. The following code works fine in all cases except when the input values are the values saved in browser. if($('#edit-name').val()!=''){ //Do something here } The form shows the values but console.l...
Sandesh Yadav
1

votes
2

answer
45

Views

Change password procedure PLSQL using IN and OUT parameters

Good evening! I’m trying to make a stored procedure in PLSQL where I can change a users password. I want to check if the current password is correct after which I will either update the users password or else print an error. What I’ve come up with so far is the following code. I’m struggling w...
YNGLST
1

votes
1

answer
779

Views

R Shiny: building a dashboard with authentication

Using Shiny App and R, I want to build a dashboard where only the authenticated users can use. The structure of the app is: Simple login page with user name box and password box, where users put user name and password Dashboard page where only the users who are authenticated on login page can access...
1

votes
1

answer
25

Views

Why are my passwords not being hashed?

With the code below, I am able to successfully add a new user. However, when I look at users in the database, the password is in plain text. Obviously I'm doing something wrong. In the section where let newUser = new User, the password is passed in from the request body. If there are no errors, bcry...
ty.loves.code
1

votes
0

answer
284

Views

Vuejs FontAwesome eye icon to show and hide password

I am trying using the font awesome eye icon to show and hide the password when the user is trying to login. The icon does show, but I am unable to show the characters entered. Could someone please help me. Below is the html code I am using for the password. The password that you can see within the...
Aadil Hafesji
1

votes
0

answer
23

Views

Does UserPrincipal.ChangePassword count toward password history?

Does a UserPrincipal.SetPassword() contribute to a user's password history? This is the administrative version of UserPrincipal.ChangePassword(). SetPassword bypasses password rules (at some level) whereas ChangePassword is bound by the password complexity/length/history requirements. We have an app...
joynoele
1

votes
0

answer
678

Views

Windows Surface on-screen keyboard will disappear when focusing on password input

Background: I have users who commonly access a site using Windows tablets. The tablets do not have external keyboards connected and the web page is accessed using a bookmark to utilize the browsers web-app/kiosk mode. Their browser of choice is Chrome. Issue: Windows Surface's on-screen keyboard is...
Mac Mad Ill

View additional questions