password-protection

Has anyone got experience with developing an application to replace the default lock screen? I've been told it is not possible, however this application manages it. Any tutorials or guidance you know of would be appreciated. KBusc 100% possible. Here are some links to get you started. Android App and Pattern Lock Screen Android Lock Screen Widget Developing a custom lock screen Try this one: lockscreenswitchwidget You can implement deviceAdminReciever to use device locks and all please have a look at this it explains everything about locks setting passwords..... Update: Use this library Link

I'm intested in building some kind of password-less login between a mobile app and an API (assuming I can control both). The motivation is that having to login is very annoying for users and has security risks (eg. users will reuse existing passwords) and I want the users to be able to get started with the app immediately. I'm wondering if there are some techniques that could work. For instance: Generate and random login/password on the mobile device and store the password in the keychain. Signup with the API using this login/password combination. This returns a token. Token is used in

I am building a flask application, and I want it to serve some static files only if the user is authenticated. It's a very low-traffic application (for internal use only). How would I go about this? One thing I was thinking of is using serve_static(), and putting that behind an authentication check but that uses the static directory which flask already serves content from. Simply subclass flask.Flask and override the send_static_file method: class SecuredStaticFlask(Flask): def send_static_file(self, filename): # Get user from session if user.is_authenticated(): return super(SecuredStaticFlask

How is bcrypt stronger than, say, def md5lots(password, salt, rounds): if (rounds < 1) return password else newpass = md5(password + salt) return md5lots(newpass, salt, rounds-1) I get the feeling, given its hype, that more intelligent people than me have figured out that bcrypt is better than this. Could someone explain the difference in 'smart layman' terms? There are three significant differences between bcrypt and hashing multiple times with MD5: The size of the output: 128-bit (16-bytes) for MD5 and 448 bits (56-bytes) for bcrypt. If you store millions of hashes in a database, this has to

I am learning to use maven password encryption capabilities and I would like to know how to choose the parameter <password> . There are two things that I don't understand: 1) mvn --encrypt-master-password foobar will always give a different encrypted master password . Since the encrypted master password is always different, I see only two possibilities: A local property is stored somewhere so that it can be used to decrypt the encrypted master password to get the master password . That means that our encrypted server passwords can only be used locally. Nothing is stored and the master password

In JBoss AS 5, I have a datasource defined in *-ds.xml but put username/encrypted password in *-jboss-beans.xml. Now in JBoss AS 7.1, the datasource is defined in standalone.xml or domain.xml. Where do I put the encrypted password in AS 7.1? In other words, how is a clear password encrypted and secured in AS 7? In AS7 you can use the SecureIdentityLoginModule to add an encrypted password domain. For instance, you can define a security domain in standalone.xml or domain.xml: <security-domain name="EncryptedPassword"> <authentication> <login-module code="SecureIdentity" flag="required"> <module

I want to use Face Unlock as a second factor for my app, since most of my users will not lock their phones with a password. Are there Android APIs available to integrate Face Unlock in an Android app? There are Face Detection APIs out there for photo recognition, but I couldn't find APIs available that can be used in an offline scenario, specifically for an additional factor within an application. If you need a real world example, assume that this is a password manager, or the phone will be loaned to a child... and the owner never locks the phone. Face unlock will secure the things they need