Questions tagged [password-storage]
Password storage is often a tricky issue - where do you keep it so that it is well protected? This tag deals with problems relating to the management of user credentials in a system.
password-storage
91
questions
-4
votes
1
answer
40
views
Django: how to store email credentials when sending email from a Django application [duplicate]
What is a standard or safe way to store my Google Workspace email credentials in my first Django project?
I've tried to store the password in an .env file, but I get all kinds of error messages (e.g., ...
1
vote
2
answers
192
views
A secure way to store SSH credentials (MAUI / C# application)
I currently use Preferences to save all the other data I reuse in my application. So, when it comes to SSH credentials, host/port/username can be stored in plain-text, but what to do with the password?...
1
vote
0
answers
189
views
How to persuade saved connections in SSMS projects to actually remember their password
Is there any way to persuade saved connections in SSMS projects to remember their password?
There's a checkbox on the connection to "remember password" but when I open a query inside the ...
2
votes
1
answer
34
views
How does per user password salting work without transmitting the password as plain text?
I've been trying to research authentication systems to model my own project around, but I feel like I'm misunderstanding something significant.
There is a lot of talk about using a per-user salt to ...
1
vote
1
answer
555
views
How should I store a single use username and password for an Angular app without a login page?
I will be creating an Angular app that will make calls to a DotNet Core API I have created. Because the API itself calls a third-party API which needs to be secured with an API key, I want to secure ...
1
vote
1
answer
512
views
Hashing function security level required for storing passwords
I am working on a project that has to store users passwords. With that password you can gain access to a user achievements and stuff so it's really important that you can not get the password even if ...
1
vote
0
answers
117
views
How to protect users' credentials stored unencrypted in ~/.docker/config.json by 'docker login'?
I have a Docker registry deployed on a server, where multiple persons can login as root. This local registry is used to pull and push Docker images in a remote registry hosted in an Artifactory ...
2
votes
1
answer
811
views
Python Doesn't Derive Same Hashkey For a given password and salt as Keycloak or Online Password Hashers
My use-case is that I need to migrate some passwords from Keycloak to Django. My sample password on Keycloak is 'qwerty123'. The Corresponding Hash Generated In Keycloak DB is this:
{"value":...
0
votes
1
answer
354
views
How should I check if the password is weak or good After applying PasswordStrengthBar?
I'm using PasswordStrengthBar import PasswordStrengthBar from 'react-password-strength-bar';
https://www.npmjs.com/package/react-password-strength-bar
I want to display a message when the ...
-1
votes
1
answer
120
views
Is saving a private key encrypted with the users password safer than storing a hash in a database?
Is storing a private key generated by the client that is encrypted by the users password safer than storing a hash of a password? (The encryption part is done client side and it will be sent to the ...
1
vote
3
answers
3k
views
How does hybris store password hashes
TLDR: What does Hybris do with password hashes before storing them in the database? Because values in the database field are NOT standard password hashes.
I had to add the TLDR above, because two ...
-1
votes
1
answer
1k
views
Password store in wordpress database in table wp_users [closed]
How is the password being stored in the table wp_users in wordpress database? I wanted to know what is the algorithm being used to stre password values in the column user_pass
1
vote
0
answers
727
views
Unable to insert a new password into pass (the standard unix password manager)
I am trying to insert a new password to pass (passwordstore.org), but I am receiving the following error:
➜ GitHub git:(master) ✗ pass insert platform-name
Enter password for platform-name:
Retype ...
1
vote
0
answers
112
views
Has the default password requirements in PHP ever changed, such that password_needs_rehash() would return true for default options?
I have recommended to a client that their login system implements password_needs_rehash, so that as their version of PHP is upgraded, the user accounts within their web app will have the password ...
1
vote
1
answer
1k
views
How do i handle password storage for sign-in to the SMTP client in ASP.NET Core?
I'm currently working on a ASP.NET Core application, where part of it is a 'EmailService' Now, it's only function is to send informative emails via. SMTP, using the clients own credentials however. ...