^\S*(?=\S{8,})(?=\S*[a-z])(?=\S*[A-Z])(?=\S*[\d])\S*$ From the fine folks over at Zorched. ^: anchored to beginning of string \S*: any set of characters (?=\S{8,}): of at least length 8 (?=\S*[a-z]): containing at least one lowercase letter (?=\S*[A-Z]): and at least one uppercase letter (?=\S*[\d]): and at least one number $: anchored to the end of the string To include … Read more
There’s no single “silver bullet” answer here and it would all greatly depend on details. First of all, I consider best practice to separate all source code from configuration in separate repository. So, source code remains source code, but it’s installation or deployment (with configuration, passwords, etc) is the whole other thing. This way you’ll … Read more
Yes, it is possible using JOptionPane.showOptionDialog(). Something like this: JPanel panel = new JPanel(); JLabel label = new JLabel(“Enter a password:”); JPasswordField pass = new JPasswordField(10); panel.add(label); panel.add(pass); String[] options = new String[]{“OK”, “Cancel”}; int option = JOptionPane.showOptionDialog(null, panel, “The title”, JOptionPane.NO_OPTION, JOptionPane.PLAIN_MESSAGE, null, options, options[1]); if(option == 0) // pressing OK button { char[] … Read more
You can use this to prevent cookies from being stored and clean cookies already stored: CookieSyncManager.createInstance(this); CookieManager cookieManager = CookieManager.getInstance(); cookieManager.removeAllCookies(callback); cookieManager.setAcceptCookie(false); WebView webview = new WebView(this); WebSettings ws = webview.getSettings(); ws.setSaveFormData(false); ws.setSavePassword(false); // Not needed for API level 18 or greater (deprecated)
You don’t decrypt authentication passwords! Hash them using something like the SHA256 provider and when you have to challenge, hash the input from the user and see if the two hashes match. byte[] data = System.Text.Encoding.ASCII.GetBytes(inputString); data = new System.Security.Cryptography.SHA256Managed().ComputeHash(data); String hash = System.Text.Encoding.ASCII.GetString(data); Leaving passwords reversible is a really horrible model. Edit2: I thought … Read more
Use “sshpass” non-interactive ssh password provider utility On Ubuntu sudo apt-get install sshpass Command to rsync /usr/bin/rsync -ratlz –rsh=”/usr/bin/sshpass -p password ssh -o StrictHostKeyChecking=no -l username” src_path dest_path
>>> import getpass >>> pw = getpass.getpass()
You can use the Security framework #import <Security/Security.h> To save a username and password for a server: -(void) saveUsername:(NSString*)user withPassword:(NSString*)pass forServer:(NSString*)server { // Create dictionary of search parameters NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword), kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, nil]; // Remove any old values from the keychain OSStatus err = SecItemDelete((__bridge CFDictionaryRef) dict); // … Read more
Salt your hash with secure random salt of at least 128bits or longer, to avoid a rainbow attack and use BCrypt, PBKDF2 or scrypt. PBKDF2 comes with NIST approval. To quote: Archive.org: http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html The problem is that MD5 is fast. So are its modern competitors, like SHA1 and SHA256. Speed is a design goal of … Read more
I have found a dirty workaround for this problem, by inserting an invisible iframe and targeting the form to it: <iframe src=”https://stackoverflow.com/blank.html” id=”loginTarget” name=”loginTarget” style=”display:none”> </iframe> <form id=”loginForm” action=”https://stackoverflow.com/blank.html” method=”post” target=”loginTarget”></form> The corresponding JavaScript: $(‘#loginForm’).submit(function () { $.post(‘/login’, $(this).serialize(), function (data) { if (data.status == ‘SUCCESS’) { window.location = data.redirectUrl; } }) }) The trick … Read more