Today's Question:  What's your opinion about Alibaba mooncake incident?        GIVE A SHOUT

SEARCH KEYWORD -- Password-lesslogin



  25 worst passwords in 2012


Weak password is a serious security vulnerability, but the majority of network users still use some universal simple character sequences as the password. SplashData recently announced the world's worst password list in 2012.  "password","123456" and "12345678" are still at top places, while others have varying,  some new passwords like  "welcome" "Jesus" "ninja","mustang"and "password1 "are in the list. With the risk of password loss, SplashData CEO Morgan Slain said we hoped netw...

   Password,Security     2012-10-25 12:04:49


  Password-less login


Most websites need user login in order to provide personalized content to visitors. The usual way is to request user to register an user account. Actually, this is not so appealing since if we need to remember one password for each website, it's troublesome, while for developers, it's their responsibility to protect password, once password is leaked, then it's a big headache to a website's business and reputation. So long time ago people started thinking about password-less login, this is a big ...

   Password-lesslogin,Authentication     2012-11-05 12:29:55


  Change password of postgres account in Postgres


When installing Postgres on Windows, there is some default account created for user to login. One of them is postgres, but we often don;t know what's the password for this account when we first login using this account. We need to change the password for this account. How to change it? Step 1. Modify the pg_hba.conffile Go to the /data/ and open the pg_hba.conf. # TYPE  DATABASE        USER            ...

   Postgres,password, user account     2013-03-04 01:51:02


  Let browser prompt for storing password when doing AJAX login


In Web 2.0 era, more and more web applications are using AJAX to replace the traditional HTML form element to perform user login. This usually provides a better user experience than form submission. But it also brings a side effect to the end users. That is the browser will not prompt the user whether s/he wants to save the password so that s/he no needs to enter the username/password again when visiting the same site next time. Below is the code snippet which does the AJAX login.  <scri...

   AJAX,Browser,Login,Password     2015-06-04 10:02:46


  In iOS6, no need to enter password for downloading free apps


In this coming autumn, Apple will release iOS6. User experience for downloading free apps or  upgrading apps will be largely improved. Users are no longer required to enter password again when downloading free apps or upgrading downloaded apps(free or paid). This means that users only need to enter password when downloading paid apps.In iOS5, users need to enter password when they download or upgrade apps.In iOS6, if users want to download free apps, they only need to click the "Free" butto...

   Apple,iOS6,Password,Free app     2012-07-25 10:53:16


  Using htpasswd to protect your website in Nginx


We need to build a password protected website frequently such as an internal website within the team, demo website. Here what we are talking about is password protection in Nginx server level instead of application level registration and login. We are going to use Nginx server configuration and htpasswd file to achieve password authentication. The final result looks like below(Different browsers may have different interfaces): If the authentication fails, it will report a HTTP error: 401 Author...

   Nginx,Password protected,htpasswd     2013-06-07 21:35:27


  Call of Duty Elite Has Amazing Security


I had tried to register for Elite yesterday, and the servers were being funny, so I wasn't sure if I'd registered. I just now tried to reset my password, and I got the following:Hello JoshForgot your password? These things happen. Access your account with the password below:{Actual Unencrypted Password}Really? They're storing hundreds of thousands of passwords in plain text??EDIT: Not sure what the downvotes are for, surely it's not because huge companies like Steam and Sony never get hacked, an...

   Game,Elite,Call of duty,Defect     2011-11-15 12:42:50


  A serious security vulnerability found in MySQL/MariaDB


Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09


  Run MySQL on Command Line in Windows


Sometimes if we want to run MySQL but we don't have phpMyAdmin installed. What should we do?On Windows we can run MySQL in following steps:Open Console Window->Type "mysqld -u root". This means we start the mysql server with username root. This program will handle all the communications between our console window and the actual data;After starting the server, we need to use a client to connect to the server and communicate with it. the mysql program is right for this. Next in the command cons...

   mysql,console,command line,windows,defau     2011-08-21 04:14:58


  How does CSDN dare to use plain text as password?


Recently, the China's largest Chinese IT community website named CSDN leaked its user's account information. Later today CSDN made an announcements to its users on their website. The announcement said that some user account information was leaked and the passwords of the accounts were stored as plain text in their database before 2009, and after 2009, they adopted an encryption algorithm to encrypt user password. They urged all users who registered the account before 2009 to change their passwor...

   Security,Information leak,CSDN,Plain text     2011-12-22 09:10:01