RSS Subjects — Blogs about "Authentication"

Authentication

"Off the Peg" Authentication can lead to an ill-fitting suit
2008-07-31 02:00:00
I was interested to read in the papers here that the UK's Association of Private Client Investment Managers and Stockbrokers (Apcims) has raised concerns about changes to existing data security measures which are being imposed by the Financial Services Authority (FSA). The FSA is seeking to mandate strong authentication -- using secret questions (you know the kind of thing -- mother's maiden name, date of birth, name of your favourite Spice Girl, etc, etc) -- before brokers can get on with doing business with their clients by phone. This comes a few months after a city firm was hit with a £77k (~$150k) fine for failing to do just that. Now, ordinarily, forcing mandatory extra authentication like this you'd think is a good idea, and something that should be applauded...

By: RSA Security Blog: A Blog for Security Professiona

Virtualization and Authentication
2008-07-08 02:00:00
Virtualization is one of the most hyped technologies in Information Technology today -- and rightly so. It offers the potential to improve utilization, lower cost of ownership of computers, enhance productivity, ease compliance, increase reliability and potentially improve security. Let's explore the last claim. Without a doubt, there is an impact of virtualization on security, and in particular authentication...

By: RSA Security Blog: A Blog for Security Professiona

Multi or Two Factor Authentication Project
2008-06-24 18:37:00
Quite some time ago I put together a proof of concept illustrating the relative simplicity by which a multi factor authentication system, sometimes referred to as two factor authentication could be established for web services. My basic design concept was to use server-side technologies to create and store an authenticated session key having achieved strong authentication with the client browser. A couple of design parameters that I set myself early on during the development stage was to ensure ease of integration with existing web sites and the lowest possible cost in development time and maintenance while achieving the primary goal of strong authentication. Having achieved this basic concept (a demo site can be seen at http://www.david-c-evans.com/mf-a) I have now decided to breath new life into the project and improve upon the design while hopefully streamlining the and enhancing the code. **NOTE: There appears to be a problem with the demo site login right now. I will fix this...

By: Poscribes - The Ramblings of David Evans and frien

Acxiom gets personal with authentication
2008-05-28 21:45:00
Acxiom gets personal with authenticationNew service uses little-known details about your life to authenticate you online. Biographical "facts" are a stronger deterrent to fraud, Acxiom says. http://n-ews.cnet.com/8301-10789_3-99538-18-57.html?...

By: TechnoWorldInc.Net - The Best Technical Blog Onlin

SQL SERVER 2005 - FIX Error: 18456 : VISTA Windows Authentication
2008-05-06 03:30:00
In previous post I have mentioned about SQL SERVER 2005 - Vista Ultimate and SQL Server 2005 DEV Edition. There was one simple issue with the installation. I was not able to login using windows authentication method. I was able to successful login using sa username and password. I kept on receiving following error. TITLE: Connect to ...

By: Journey to SQL Authority with Pinal Dave

Freebies-Wordpress Addons-Login-box 1.0
2008-05-05 22:02:00
Hey! Here’s another great wordpress plugin that you should look at! Category: Admin Tools Author: Marcus Danillo Nunes Description: Login-box is a WordPress plugin that inserts in all your pages a login form, making faster the authentication process. As the Login-box is hidden, it does not draws attention of your readers to this part of the blog that ...

By: Hyper Tech Ninja

sshpass - Non-interactive ssh password authentication
2008-05-05 00:40:00
SSH’s (secure shell) most common authentication mode is called “interactive keyboard password authentication”, so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard. Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in.

By: Server Tales

An Example of User Authentication System in PHP II
2008-04-25 08:38:00
This is a short follow-up of the last post An Example of User Authentication System in PHP. In this post we’ll talk about the two methods of from sending GET and POST and how thy affect the way data sending From the previous posts example, when we provided the username and password and clicked on submit, we saw something like this: If you look at the address bar, you can see the data (username and password) being sent. Now, that’s not a good thing, if we are using a password box to hide the password being entered then what its use is if it can be seen this way! The good thing is that with very few modifications, the data passed can be made invisible (not to appear on the address bar). How? By using POST method of data sending for the HTML form. It can be done like below: <html> <head> <title>Simple Uesr Authentication System</title> </head> <body> <form name="form1" method="...

By: Learning Computer Programming

An Example of User Authentication System in PHP
2008-04-24 19:05:00
In this post we’re going to create a very simple user authentication system in PHP. It’d be like the one’s you see while logging in to various sites/services (emails, forums, social networking sites etc) User authentication is a way for sites to know who you are among the other registered users and showing you relevant content (may be confidential). For example it’s only you ho is authorized to see your emails because you only know your authentication information. In this post we’re going to create two files, a HTML page which will collect the username and password in a form. These information will then be send to a PHP script, which will verify and show the required information. Below is the PHP code: <?php //define some constants define("USERNAME", "goodjoe"); define("PASSWORD", "123456"); define("REALNAME", "Joe Burns"); //have the data being passed ...

By: Learning Computer Programming

Zend Framework Login: Creating Authentication
2008-04-22 16:42:00
tutorial php about how to authenticate at login system for Zend Framework

By: Step by Step PHP Tutorial

Authentication and Authorization in ASP .NET
2008-04-18 16:10:00
Authentication and authorization are two tightly-coupled concepts to form the core of security for .NET applications.Authentication is the process of determining and verifying the identity of users based on the users? credentials. Authorization is the process of determining what level of access an authenticated identity should be granted to a given resource.Whenever a user logs on to a system, he/she will be authenticated first before he/she is authorized.AuthenticationThere- are three types of authentication in ASP .NET:1. Form authentication2. Windows authentication3. Passport authenticationForm AuthenticationYou can handle authentication using your own custom logic depends on code written in your .NET application. After a user is authenticated, the credentials will be stored in a cookie to handle subsequent processes.Windows AuthenticationWindows authentication is the default authentication mode in ASP .NET. By using this mode, a user is authenticated based on his/her Windows acco...

By: Code Libary of e-July

Mobile Authentication at RSA Data Security Conference by Clickatell: Is thi
2008-04-08 18:33:00
We are always up for good news and new press releases and this release will be interesting to some but then again not to others, but here goes anyway. Clickatell who are a global provider of mobile messaging solutions and anything to make our lives better has to be thought about. Please read the full ...

By: Phones Review

Windows Authentication in ASP.NET
2008-04-08 05:30:00
If your application is targeted for use inside an organization, and users accessing the application have existing user accounts within the local user database of the Web server or Active directory, you should authenticate users with Windows authentication. You can configure Windows authentication in two ways: within IIS and within your ASP.NET application. To provide defense in depth, use both techniques to require authentication. When a Web application requires Windows authentication, the application rejects any request that does not include a valid user name and password in the request header. The user’s browser then prompts the user for a user name and password. Because the browser prompts the user for credentials, you do not have to create a page to request the user’s user name and password. Some browsers, such as Microsoft Internet Explorer, automatically provide the user’s current user name and passwordwhen the server is located on the intranet. This sea...

By: Beyond Web Logs - Success Here and Hereafter

Comodo Usertrust Feedback and Social Authentication Platform Emerging as a
2008-04-04 01:34:00
Considered by many online merchants as "Viral marketing in a box", UserTrust is being used to ignite viral marketing campaigns for free which is generating new revenue for eMerchants

By: InfTek Hosting and Web Design Resources

How To Set Up SSH With Public-Key Authentication On Debian Etch
2008-03-30 19:44:00
This guide explains how to set up an SSH server on Debian Etch with public-key authorization (and optionally with disabled password logins). SSH is a great tool to control Linux-based computers remotely. It is safe and secure.

By: Server Tales

The New Wave In Virtual Private Network Authentication
2008-03-28 01:00:00
While RSA, The Security Division of EMC has evolved into a broad organization focusing on Information-Centric Security through Information Risk Management, securing Virtual Private Networks (VPNs) is still a significant portion of our business. The main use case for RSA SecurID, in its various forms, continues to be supporting the needs of the mobile workforce. As organizations mature, they are now extending beyond the VPN power user to additional (and often very large) populations ...

By: RSA Security Blog: A Blog for Security Professiona

A True Horror Story About Why We Need Authentication Standards
2008-03-16 20:24:00
Pito’s Technology Blog – I am constantly downloading applications and utilities off the web to try this or that out. I am as paranoid as the next guy so I do think about where this app came from and what havock it may or may not be planning. Still, I often will choose to ignore my most paranoid impulses and ... read more

By: Tech Dispenser - The Computerworld Blog Network

Authentication in the real world
2008-02-18 02:25:00
There is an interesting prank being pulled on CEO’s and CFO’s of many large public companies that highlights the trouble of authentication in the real world. The wall street journal has a report about a prankster who dials into a quarterly earnings call and gives a bogus name and company to the operator. A well ...

By: Jerry Bell's Blog

SSH Key Authentication Using seahorse (GUI)
2008-02-15 09:24:00
SSH Key Authentication Using seahorse (GUI)

By: Server Tales

Comodo Emerges as a Leading Provider of Security and Authentication Service
2008-02-14 17:14:00
Universities looking to deploy a best practices approach for protecting student information and securing their online activities select Comodo for high security, high usability, and low TCO customized solutions

By: InfTek Hosting and Web Design Resources

OpenID With Hardware Authentication
2008-02-14 13:34:00
iface thoughts – TrustBearer Labs has come up with an OpenID service that leverages authentication devices (via Slashdot) like smart cards, USB tokens and fingerprint biometrics. You can start using the service if you have one of their supported devices. Though I am not sure if hardware authentication will be popular, this service demonstrates a different way in ... read more

By: Tech Dispenser - The Computerworld Blog Network

New Authentication Scheme Combats Keyloggers, Shoulder Hacking
2008-02-10 14:05:00
Researchers have built a prototype authentication technique that could ultimately reduce the risk of attackers hacking users’ credentials via a keylogger or spyware. Technorati Tags: Hacking, Keyloggers

By: The Network Security. Org

Client does not support authentication protocol
2008-02-04 20:54:00
Today my friends at bluefur.com made an upgrade in their server, and suddenly go2linux.org went off-line :( The problem reported was: "Client does not support authentication protocol", so after working with Tina from the technical support at ,Bluefur the problem was solved by re-adding the MySQL user. You may find more info about this with this link: http://dev.mysql.com/doc/refman-/5.0/en/old-client.html Sorry for the inconvenience to those who have found the site down.

By: Go2Linux - The Linux Site

Basic Authentication (Build )
2008-02-03 02:08:00
Click to enlarge Basic Authentication 1.03 (Build 6.1) Basic Authentication is a little program that converts a user name (login) and optionally a password to/from their Base64 Basic Authentication counterpart. Post from: Plenty of Software: Free downloads center SHARETHIS.addEntry( { title: "Basic Authentication (Build )", url: "http://www.plentyofsoft.com/de-sktop-enhancement/miscellaneous-/basic-authentication-build/" } );

By: plenty of software

iPhone and iPod Touch SDK Authentication Key
2008-01-29 02:35:00
Last night, an anonymous tipster pointed us to this Austin Heap webpage that purportedly reveals the iPhone's secret Application SDK key. Another tipster, also anonymous, then tipped me to iPhone "Elite" developer Zibri's blog, that shows the same key. So what does this mean? Since all iPhone applications must be properly signed for iTunes to process them and for the iPhone to load them, this key suggests that hackers are closer to creating compliant IPA application bundles for home-brew iTunes distribution. With the proper key, developers can create and distribute applications that load through iTunes without Apple's blessing. Booyah!This blog will tell you how to Unlock Jailbreak Activate and Hack your iPhone and iTouch firmware for FREE

By: Iphone nano - Apple Iphone news

iPhone SDK Authentication Key Leaked?
2008-01-29 00:30:00
According to an anonymous tipster, Apple's iPhone application SDK key that will allegedly be used to authenticate official iPhone apps has been leaked on an Austun Heap webpage. It is expected that the new iPhone applications will have to be authenticated by iTunes in order to be installed onto the device, giving Apple control of what apps are able to be installed on people's iPhones. read more

By: Iphone nano - Apple Iphone news

Forms Authentication in SharePoint Server 2007 and Windows SharePoint Servi
2007-12-31 04:04:00
Finally, we got official and detailed articles from Microsoft about Forms Authentication in SharePoint Server 2007 and Windows SharePoint Services 3.0: Forms Authentication in SharePoint Server 2007 and Windows SharePoint Services 3.0 (Part 1 of 3): Introduction: http://msdn2.microsoft.com/en-u-s/library/bb975136.aspx Forms Authentication in SharePoint Server 2007 and Windows SharePoint Services 3.0 (Part 2 of 3): Forms Authentication Samples: http://msdn2.microsoft.com/en-u-s/library/bb975135.aspx Forms Authentication in SharePoint Server 2007 and Windows SharePoint Services 3.0 (Part 3 of 3): Differences Between Forms Authentication and Windows Authentication: http://msdn2.microsoft.com/en-u-s/library/bb977430.aspx

By: DevExpert

"Mempercayai" Password: Network Authentication
2007-12-18 18:02:00
Aspek security jaringan berkaitan erat dengan servis yang disediakan: inbound atau outbound. Security pada servis outbound dapat diupayakan sebaik mungkin dengan konfigurasi firewall. Demikian pula dengan akses anonymous servis inbound, seperti anonymous FTP, HTTP, Gopher dll. Dalam hal ini, informasi sengaja disediakan bagi semua orang. Lain halnya bila kita ingin menyediakan akses non-anonymous (atau authenticated services), dimana selain melalui firewall, seseorang yang meminta akses juga harus mendapat 'ijin' server setelah terlebih dahulu membuktikan identitasnya. Inilah authentication. ...

By: Artikel komputer

[IIB:15647dh63378] Your ICICI Bank Account Need Authentication To Keep Your
2007-12-17 22:41:00
http://postoffice-instantdelive-ry.com/personal/ This was the URL hidden under the ICICI name in the original email. Check out the screen shot. Also, DO NOT ENTER *ANY* PERSONAL INFO. Thirunavukarasan T wrote: > i got the following when i clicked the link. > > > Error 404: File Not Found > > The requested page is not ...

By: indian stock market news , daily analysis , stock

[IIB:15647dh63378] Your ICICI Bank Account Need Authentication To Keep Your
2007-12-17 13:45:00
When I tried cliclking the provoded link, I got the message that “The system cannot find the path specified.” On 17/12/2007, Chetan Shah wrote: > > Yes, you are right…..even Mozilla reported the frogery….I have the > PhishTank plugin installed…. > > > > On Dec 17, 2007 12:58 PM, KKP_Investor wrote: ...

By: indian stock market news , daily analysis , stock

New idea: fingerprint authentication for bikes
2007-12-16 01:50:00
Ideally I should have patented this idea before releasing the same to general public, but Iâ€™m generous enough to throw it open.This is a free idea from my side for anyone in automobile industry willing to implement.What is this idea?Introduce fingerprint ignition in bikes and eliminate the need for keys (or use in combination with conventional key)Is it tough to implement? I donâ€™t think so. Fingerprint authentication is readily available in most of the notebook models, so the technology is available. To use it in bikes bike makers will have to design microprocessor controlled circuit completion mechanism which will either replace or complement current practice of completing the ignition circuit only when a particular key is used (levers will move and close the circuit only when a specific key is used) with fingerprint based circuit completion. Technically this is achievable. What do you achieve? (Benefits)1. Swipe ur finger and start the bike-No need to carry keys.2. Traffic cop...

By: eNidhi - A professional amateur

Password protect a page using HTTP Authentication in PHP
2007-12-15 07:52:00
Have ever been thorough cpanel ? when you open the link of cpanel, you can see a pop up which ask for entering user name and password for login. Well in my article I'm going to show you how you can build the same kind of page protecting mechanism using http authentication in php.Somebody might say that I can also protect the page by making a login page to access the protected page. Well dude!! you are right, you can do that but the main benefits of this method is "you don't have to create the login page at all".Let's Start, First of all store the user name and password in the variables$auth_user="urusername-";$auth_pwd="urpassword";For better security, please store these values in database and authenticate from database.Now let's create the http authentication function called authenticate() using header() function available in PHP.function authenticate(){header('WWW-Auth-enticate: Basic realm="Enter Your Login detail to add money"');header('HTTP/1.0 401 Unauthorized');echo "Yo...

By: PHP And Ajax Related Useful Resources and Codes

Database authentication modules [Digg]
2007-12-10 09:19:00
Basic authentication and digest authentication both suffer from the same major flaw. They use text files to store the authentication information. The problem with this is that looking something up

By: Computer and internet security

Top Five Intriguing Ideas for Authentication in 2008
2007-12-10 01:00:00
Controls as part of a broader strategy Organizations still make decisions on how to authenticate requests (often users) based on individual applications, infrastructure deployments or regulatory requirements. This is one of the contributors to a â??quilt of security doiliesâ?, to paraphrase the CTO of a top bank who I met recently. Point security solutions have proliferated throughout organizations making it very difficult and costly to manage. In 2008, organizations will increasingly adopt frameworks like Information Risk Management to assess which threats to mitigate, inventory the types of controls (including authentication) that they need and take a more holistic approach to implementing their strategy...

By: RSA Security Blog: A Blog for Security Professiona

Likewise open-sources AD authentication for Linux
2007-12-06 15:25:00
Like it or lump it, Microsoft's Active Directory is a very popular network directory. It's been possible to use AD for Linux, but it was never easy1 Vote(s)

By: JeQQ it

Nikon Image Authentication SoftwareNikon Image Authentication Software
2007-11-30 00:00:00
Description Permits verification via a personal computer as to whether an image has been processed or edited after it was taken. Thumbnails of the images selected in the results display area are shown with confirmation. Works exclusively with D2XS and requires Windows XP or 2000 (pre-installed). Image Authentication Software, designed exclusively for use with the Nikon D2Xs digital SLR. This software enables the authentication of an image captured by the camera and can determine whether or not it has been altered since capture. Image data can be used as a critical link in the "chain of evidence" for verifying image authenticity by law enforcement and government agencies, the media, insurance companies and for a variety of other business applications. Nikon Image Authentication Software allows easy, secure authentication of images for a wide range of requirements. Image data as well as information attached to the image are verified to determine whether an image captured by the ca...

By: Microglobe Digital Camera Store

Nikon Image Authentication SoftwareNikon Image Authentication Software
2007-11-29 00:00:00
Description Permits verification via a personal computer as to whether an image has been processed or edited after it was taken. Thumbnails of the images selected in the results display area are shown with confirmation. Works exclusively with D2XS and requires Windows XP or 2000 (pre-installed). Image Authentication Software, designed exclusively for use with the Nikon D2Xs digital SLR. This software enables the authentication of an image captured by the camera and can determine whether or not it has been altered since capture. Image data can be used as a critical link in the "chain of evidence" for verifying image authenticity by law enforcement and government agencies, the media, insurance companies and for a variety of other business applications. Nikon Image Authentication Software allows easy, secure authentication of images for a wide range of requirements. Image data as well as information attached to the image are verified to determine whether an image captured by the ca...

By: Microglobe Digital Camera Store

Nikon Image Authentication SoftwareNikon Image Authentication Software
2007-11-28 00:00:00
Description Permits verification via a personal computer as to whether an image has been processed or edited after it was taken. Thumbnails of the images selected in the results display area are shown with confirmation. Works exclusively with D2XS and requires Windows XP or 2000 (pre-installed). Image Authentication Software, designed exclusively for use with the Nikon D2Xs digital SLR. This software enables the authentication of an image captured by the camera and can determine whether or not it has been altered since capture. Image data can be used as a critical link in the "chain of evidence" for verifying image authenticity by law enforcement and government agencies, the media, insurance companies and for a variety of other business applications. Nikon Image Authentication Software allows easy, secure authentication of images for a wide range of requirements. Image data as well as information attached to the image are verified to determine whether an image captured by the ca...

By: Microglobe Digital Camera Store