Disable browser ‘Save Password’ functionality

One of the joys of working for a government healthcare agency is having to deal with all of the paranoia around dealing with PHI (Protected Health Information). Don’t get me wrong, I’m all for doing everything possible to protect people’s personal information (health, financial, surfing habits, etc.), but sometimes people get a little too jumpy. …

Best way to store password in database [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for …

How to generate a random string in Ruby

I’m currently generating an 8-character pseudo-random uppercase string for “A” .. “Z”: value = ""; 8.times{value << (65 + rand(26)).chr} but it doesn’t look clean, and it can’t be passed as an argument since it isn’t a single statement. To get a mixed-case string “a” .. “z” plus “A” .. “Z”, I changed it to: …

Secure hash and salt for PHP passwords

It is currently said that MD5 is partially unsafe. Taking this into consideration, I’d like to know which mechanism to use for password protection. This question, Is “double hashing” a password less secure than just hashing it once? suggests that hashing multiple times may be a good idea, whereas How to implement password protection for …

How do you use bcrypt for hashing passwords in PHP?

Every now and then I hear the advice “Use bcrypt for storing passwords in PHP, bcrypt rules”. But what is bcrypt? PHP doesn’t offer any such functions, Wikipedia babbles about a file-encryption utility and Web searches just reveal a few implementations of Blowfish in different languages. Now Blowfish is also available in PHP via mcrypt, …

Why is char[] preferred over String for passwords?

In Swing, the password field has a getPassword() (returns char[]) method instead of the usual getText() (returns String) method. Similarly, I have come across a suggestion not to use String to handle passwords. Why does String pose a threat to security when it comes to passwords? It feels inconvenient to use char[]. Strings …