How does Maven 3 password encryption work?

My answer is based on reading the Maven source code and doing a little research. Does the encrypted master password provide security simply by existing in settings-security.xml in a folder that only one user can access (~/.m2)? If so, why bother with encrypting a ‘master password’ (why not just use some random value)? Isn’t the … Read more

Is 5-digit PIN better than most passwords?

No, you’re mistaken. Brute force attacks are one thing, but the real danger is Rainbow Tables that, from a hash value, gives you the plaintext password. First you never ever store anything as plaintext. If someone breach your security (or even if an employee has malicious intent) you don’t want to expose users’ password. So … Read more

Python’s safest method to store and retrieve passwords from a database

Store the password+salt as a hash and the salt. Take a look at how Django does it: basic docs and source. In the db they store <type of hash>$<salt>$<hash> in a single char field. You can also store the three parts in separate fields. The function to set the password: def set_password(self, raw_password): import random … Read more

Forgot Neo4j Server Password

Depending on environment and installation type you need to look for a file named auth under directory dbms and remove it. In MacOs, for dmg installations (adjust for custom locations): /Users/xyz/Documents/Neo4j/default.graphdb/dbms/auth or (homebrew install) /usr/local/Cellar/neo4j/x.x.x/libexec/data/dbms/auth Windows users should look for same file in the default.graphdb/dbms directory. In Ubuntu /var/lib/neo4j/data/dbms/auth In docker containers /var/lib/neo4j/data/dbms/auth Alternatively, you … Read more

jQuery password strength checker

The best way is to take an existing plugin as TJB suggested. As to your question about the code itself, a nicer way is to write it like that: var pass = “f00Bar!”; var strength = 1; var arr = [/.{5,}/, /[a-z]+/, /[0-9]+/, /[A-Z]+/]; jQuery.map(arr, function(regexp) { if(pass.match(regexp)) strength++; }); (Modified to correct syntax errors.)