I’m not sure if it’ll work in all browsers but you should try setting autocomplete=”off” on the form. <form id=”loginForm” action=”login.cgi” method=”post” autocomplete=”off”> The easiest and simplest way to disable Form and Password storage prompts and prevent form data from being cached in session history is to use the autocomplete form element attribute with value … Read more
You are correct that storing the password in a plain-text field is a horrible idea. However, as far as location goes, for most of the cases you’re going to encounter (and I honestly can’t think of any counter-examples) storing the representation of a password in the database is the proper thing to do. By representation … Read more
You can try this direct VBA approach which doesn’t require HEX editing. It will work for any files (*.xls, *.xlsm, *.xlam …). Tested and works on: Excel 2007 Excel 2010 Excel 2013 – 32 bit version Excel 2016 – 32 bit version Looking for 64 bit version? See this answer How it works I will … Read more
python manage.py changepassword <user_name> see docs
(0…8).map { (65 + rand(26)).chr }.join I spend too much time golfing. (0…50).map { (‘a’..’z’).to_a[rand(26)] }.join And a last one that’s even more confusing, but more flexible and wastes fewer cycles: o = [(‘a’..’z’), (‘A’..’Z’)].map(&:to_a).flatten string = (0…50).map { o[rand(o.length)] }.join If you want to generate some random text then use the following: 50.times.map { … Read more
DISCLAIMER: This answer was written in 2008. Since then, PHP has given us password_hash and password_verify and, since their introduction, they are the recommended password hashing & checking method. The theory of the answer is still a good read though. TL;DR Don’ts Don’t limit what characters users can enter for passwords. Only idiots do this. … Read more
bcrypt is a hashing algorithm which is scalable with hardware (via a configurable number of rounds). Its slowness and multiple rounds ensures that an attacker must deploy massive funds and hardware to be able to crack your passwords. Add to that per-password salts (bcrypt REQUIRES salts) and you can be sure that an attack is … Read more
Short answer: $ ssh-keygen -p This will then prompt you to enter the keyfile location, the old passphrase, and the new passphrase (which can be left blank to have no passphrase). If you would like to do it all on one line without prompts do: $ ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] Important: … Read more
Strings are immutable. That means once you’ve created the String, if another process can dump memory, there’s no way (aside from reflection) you can get rid of the data before garbage collection kicks in. With an array, you can explicitly wipe the data after you’re done with it. You can overwrite the array with anything … Read more