password-protection

I've developed a website that uses ASP.NET membership. Based on comments from previous sites, I decided to encrypt passwords so they could be recovered for users who forgot them. However, the new site (which now has over 500 registered users) has brought me some criticism that the industry standard is really to hash passwords. However, after a fairly extensive search, I have been unable to find anything about how to convert existing users' passwords from encrypted to hashed. I know I can change the web.config file, and new users' passwords will use the new format. But it does nothing to update

I need to create a ZIP file in node.js, protected by a password. I am using "node-zip" module, that unfortunately doesn't support password protection: var zip = new require('node-zip')(); zip.file('test.file', 'hello there'); var data = zip.generate({base64:false,compression:'DEFLATE'}); Looking other node modules to create ZIP files, I haven't found any that support password protection. If you work on linux then you can do it with the help of zip (command line utility in most linux distributions). Just include the following in you app. spawn = require('child_process').spawn; zip = spawn('zip'

A salt makes every users password hash unique, and adding a salt to a password before hashing to protect against a dictionary attack. But how? The tool you almost certainly want is called PBKDF2 (Password-Based Key Derivation Function 2). It's widely available, either under the name "pbkdf2" or "RFC 2898". PBKDF2 provides both salting (making two otherwise identical passwords different) and stretching (making it expensive to guess passwords). Whatever system you are developing for probably has a function available that takes a password, a salt, a number of iterations, and an output size. Given

The Adobe IFilter doesn't provide a mechanism to supply a password to open a password-protected PDF file, so it cannot be used to open password-protected files. I was wondering, is there a relatively straightforward way to programmatically retrieve the actual encrypted data inside the PDF file, decrypt it using a standard cryptography API, and then build a new PDF file with the decrypted data? To open a password protected PDF you will need to develop at least a PDF parser, decryptor and generator. I wouldn't recommend to do that, though. It's nowhere near an easy task to accomplish. With help

I have a wpf application and I am following the mvvm pattern carefully for reasons beyond my control. I do not want to databind to my PasswordBox for security reasons beyond my control. How do I clear the contents of the password box when the login fails? I would prefer a way to do so in xaml. You can create your attached DependencyProperty and use it as a XAML or in code. Example: Listing of PasswordBehaviors : public static class PasswordBehaviors { public static void SetIsClear(DependencyObject target, bool value) { target.SetValue(IsClearProperty, value); } public static readonly

I'm currently concepting a feature for an app, where I'd like a general method/approach to detect if the app itself was started or resumed from ' outside ' the app. ' Outside ', in this case, means: app was started/resumed by the launcher icon app was started/resumed by pressing the 'app button' from a navigation bar/key (like on a nexus 7) app was started/resumed from a notification app was started/resumed from 'somewhere else' The use case for this feature is the following: The app has a 'multi-user-ability' that allows the user(s) to create one ore more profiles for his/her data A single