Using Paw (SetApp) latest (v3.1.5) and the Basic Auth headers don't have the option to turn the password field into a "Secure Dynamic Value" as mentioned on the docs in:
https://paw.cloud/docs/security/keychain
This is what the doc shows as an example:
This is what I get in my software:
TL;DR: Enable "Encryption" for the File to get this to work
Playing around with the project's settings, the form field now can now be encrypted.
So it's more a doc bug than a product bug!
The password field now matches the one in the docs:
Related
I am using josn api plugin for deleting users. This is my URL: "https://example.com/?json=users/delete_user&nonce=3c3baa1b11&id=9", but I am getting error: {"status":"error","error":"You must either provide the 'u' and 'p' parameters or log in as an administrator."}. I had also tried wp-json/wp/v2/users/ but only showing admin user(id=1) data with this URL. Any suggestion?
As mentioned in the error that you would have to provide the 'u' and 'p' parameters so that means you would need to send the admin username and password along the URL. So, the full URL should be -
https://example.com/?json=users/delete_user&nonce=3c3baa1b11&id=9&u=admin_username&p=admin_password
Replace admin_username and admin_password with the actual username and password of the admin.
I ran into this issue when trying to send a firebase password reset email in my angular app after updating the firebase password reset template email.
An email was always present and the user existed in firebase but I still couldn't figure out what was causing this error.
I found the original answer to this problem here
The issue was that I updated the 'sender name' field in the firebase password reset template to be my company name. As an example it was similar to "Company XY, Inc" as seen in the photo below.
To fix the issue you simply need to remove the ',' from the sender field and then the error will go away.
FYI The same thing also happens if you include a ',' in the sender name field when using the firebase-email-trigger.
I have to get rid of the clear text password in ActiveMQ server in the jetty-realm.properties file as part of the security requirements of our project.
I followed the procedure for encrypting passwords found here: https://activemq.apache.org/encrypted-passwords.html.
In Jetty-real.properties I replaced plain password with ${activemq.password}
But I could not login into the web console (http://localhost:8161/admin)
Are there additional config parameters I need to change? Any help would be greatly appreciated.
For ecrypt password we can use jetty utility. This can be downloaded from http://download.eclipse.org/jetty/.
use:
java -cp lib/jetty-util-$JETTY_VERSION.jar org.eclipse.jetty.util.security.Password admin admin
admin
OBF:1u2a1toa1w8v1tok1u30
MD5:21232f297a57a5a743894a0e4a801fc3
CRYPT:adpexzg3FUZAk
Add in bus\conf\jetty.xml\jetty-realm.properties
admin: MD5:21232f297a57a5a743894a0e4a801fc3, admin
A very important note: the sequence of data specified by you should be as follows:
org.eclipse.jetty.util.security.Password [username] password
Also note that in some shells (like default on Ubuntu 20.04) the dollar sign inside the password will effectively truncate your password to the part preceding the dollar sign.
(I meant to put a comment to the answer by #dorin.canepa, but clicked on a wrong button and now it's an answer, oh well)
I created a presto custom password authenticator plugin (internal) by making a copy of the LDAP plugin and modifying it. You can see that code here: https://github.com/prestodb/presto/tree/master/presto-password-authenticators/src/main/java/com/facebook/presto/password.
I created copies of the Authenticator, AuthenticatorFactory, and the config, and modified them to basically just take a user/password from the config and to only allow that user in. I also put the new class in the PasswordAuthenticatorPlugin registration code.
I can see the plugin loading when presto is started, but it doesn't appear to do anything despite no errors being present. What am I missing?
Note: I had already found a solution to this, I'm just recording it on SO as I originally came here and found no help.
To make a custom password plugin work, you actually need HTTPS enabled for communication with the coordinator. You can actually see this recommendation at the bottom of their documentation:
https://prestodb.github.io/docs/current/develop/password-authenticator.html
Additionally, the coordinator must be configured to use password authentication and have HTTPS enabled.
So, the steps to make it work are:
Make sure your main config.properties has "http-server.authentication.type=PASSWORD".
Make sure you add a password-authenticator.properties next to config properties with content like the sample in the link above. But make sure you use your string from your authenticator as the name, and that you add your configuration properties instead (user name and password).
Set up a JKS store or a real certificate (some instructions here from Presto for JKS: https://prestodb.github.io/docs/current/security/tls.html).
Add SSL config to your config.properties.
http-server.https.enabled=true
http-server.https.port=8443
http-server.https.keystore.path=/etc/presto-keystore/keystore.jks
http-server.https.keystore.key=password123
Set up your JDBC driver to use the same key store.
I wrote up a blog on it with a bit more detail as well if any of that doesn't make sense. But after doing all this, you should find that it does require a password and it does enforce your plugin.
https://coding-stream-of-consciousness.com/2019/06/18/presto-custom-password-authentication-plugin-internal/
i forgot my drupal user id and password. Is there any way to recover it
http://example.com/<path-to-drupal>/user/password should bring you to a page where you can request a reset/new-password.
Edit:
The above path applies if you have 'clean URLs' enabled, if not use http://example.com/<path-to-drupal>/?q=user/password
This solution is valid for Drupal 5 or 6 but not for Drupal 7. This version does not use a standard hashed password. You can get your encoded password running the following command:
php /path_to_drupal_files/scripts/password-hash.sh your_password
Then you can see your password hash. This is the string that you should use in the database to update the admin password. You can use the following SQL query to update the Drupal database.
UPDATE users SET pass='YOUR_PASSWORD_HASH' where uid=1;
If you don't have access to the email (or want to bulk-update the passwords) you can update the database with a query like:
UPDATE users SET pass = md5('NEWPASSWORD') WHERE name = 'admin'