i would like to ask if you could help me with script for
changing Maximum password lenght to 10 characters, Password must meet complexity requirements and Minimum password lenght for 10 characters in Local security policy.
I have to sett this manualy and it would be fine to have some kinf of script to do that.
Thnak you very much for help
Michael
Related
This bounty has ended. Answers to this question are eligible for a +100 reputation bounty. Bounty grace period ends in 13 hours.
Lieven Cardoen is looking for an answer from a reputable source.
I'm using oradim to create an instance. Althoug it works, when I use a space in the password, the command gives me next warning or error:
There must be no spaces around the equal-to (=) character.
Instance created.
The command I'm using is:
oradim -new -sid dbname -intpwd "S sypass123!" -startmode auto -srvcstart system -pfile C:\Oracle\19c_server\database\database\initdbname.ora
The sys user does seem to be created with that password, but do I need to worry about that error/warning message?
The message is coming from the orapwd command, which is used under the hood during database creation to create the external password file for SYS authentication. I'm not sure it has anything to do with your actual password, as that isn't included in that command. I'd have to see the specific command being generated, as well as the associated create database SQL command where the SYS password is actually set.
That said, using special characters in Oracle passwords is always a bit of a crap shoot. Success (or failure) depends very much on the specific tools being used, how they present the connection request to Oracle, and whether or not use of a command-line shell is involved (as when using sqlplus or sqlcl). Different operating systems react differently to specific characters that may be reserved or have special meaning (like "!", "$", "%", or "&"). I've worked with dozens of different OS variations over the years, and the only special character that seems to work universally across all of them, regardless of the tool or UI, is the underscore: "_".
It probably has to do with how DOS handles parameters. Following works:
oradim -new -sid dbname -intpwd "\"S sypass123!\"" -startmode auto -srvcstart system -pfile C:\Oracle\19c_server\database\database\initdbname.ora
I am trying to allow others to use my programs, but I don't want those users to be sharing the programs without my permission, so my goal is to prevent the users from doing this on the TI-84 calculator, but I have had no apparent luck.
For the TI-84 calculator, I have tried the getkey command and the stop. I have tried conditional statements with for and while loops, but I can't seem to prevent the user from sharing the code.
Prompt V
V+2 -> C
Disp C
The code works like it is intended but I can't prevent people from transferring this code to other calculators.
There is no way to prevent people from transferring programs over the calculator. What you could try to do is make it so that after you transfer the program yourself you store a password into a variable that they are unlikely to use (done manually, make sure to clear afterwards). When the program runs it checks if the variable stores the correct value. If someone else transfers the program and doesn't load the password into the correct variable, then the program won't work. However, they can figure this out by simply reading the code. If you want to be extra tricky, you can create a simple hashing algorithm and read from multiple variables. For instance, storing 123 in Z could be hashed by *28 + 54 mod 71 to get to 19. Apply those math functions to the chosen variables and then compare to their hashed value. This protects people from figuring out the password by checking the program (since 19 cannot be reversed to 123). Of course, they can just delete the check, so try to hide it somewhere among junk code. Now, they might overwrite those variables where your password is stored (often by running other programs that use those variables). Simply tell them that they have to come back to you so you can "fix" their program. Hope this helps.
a friend forgot his wifi-Password and the Question is, how to crack the password with apple script! Is there an easy way to do it with a script? He doesn't want to reset his Wifi router...
Thanks for your answers!!
You can't. Unless the router of your friend is like ten to fifteen years old, apple script can only enter a random code of characters and numbers, and even if you had the code you need it wouldn't work because the router won't accept any more guesses after a specific amount (normally about 10).
I manage my accounts for websites with KeePass. This tool generates highly complex passwords, such as d,ªL¹(ç,z/¬gSÑ~}ÄwÚÆ¡íµ¯ó]ó6õ?Ô£fß,.
Such a complex password I use for example for Red Hat’s OpenShift website.
OpenShift servers/applications can be managed best by using their rhc command line tool.
Now, while running rhc setup I have to enter my password. So I copy it into the clipboard and paste it into the shell, where rhc sits and waits for my PW. However, the password won’t get accepted.
The process of pasting probably causes some changes. I already tried doing chcp 1252 and chcp 65001 before running rhc setup. Unfortunately this also didn’t help. The only way to get it running was changing my password to a trivial one on the OpenShift website, then doing the setup, and then changing the password back to a complex one.
Anyways, now I want to log in to my applications via rhc ssh, which is asking for the password of my ssh keys. And as everyone can guess, my ssh key is protected by a password in the style above. This is no problem because pasting such passwords into Putty or other GUI applications works great.
So I wonder: is there a way how I can do safe pasting into windows shells?
I commend you on your passwords!
There's two major possibilities:
Some characters need to be escaped
Shift to a longer password without the escape-requiring characters
Escape the characters!
Code page fun, i.e. some characters are being transformed
Figure out the mapping and duplicate your KeePass entry with one that will map to the correct values for that login type
Shift to a longer password without the escape-requiring characters
Assuming your password (unlikely) is a 35 character password using all 256 possible 8 bit values, that's a maximum exhaustive keyspace of 256^35, roughly 2E84 or 2^280. You can achieve a slightly higher maximum exhaustive keyspace with a password of 43 charactres containing Upper, Lower, Number, and normal US keyboard symbols (94^43), or 48 characters containing Upper, Lower, and Number (62^48).
The Upper, Lower, Number password of length 48 shouldn't cause any problems with escaped characters, and is far less likely to cause problems with code page transforms.
Note that both of those are likely to be superior against the edge case of an attacker who knows which characters were actually used :).
Note also that even a 35 character password containing only Upper, Lower, and Number has a maximum exhaustive keyspace of 62^35, or 5.4E62, or 2^208; 208 bits is likely to substantially exceed the amount of security provided by your transport layer and/or their storage mechanism.
*All passwords in this math are assumed to be 100% cryptographically random!
From what I've read UIDs in Unix are assigned by the administrator while the SIDs are random in Windows. Is there a security reason behind this, or is it just different ways to solve IDs?
Thanks
While you may edit /etc/passwd (and /etc/shadow) by hand on a Unix machine, the standard way to add users is through a useradd utility (or similar) which should automatically assign the next available UID. So they should be assigned automatically rather than by the administrator. SIDs are more complicated (i.e. hierarchical) so assigning them by hand would be even more cumbersome (and besides, you cannot update the SAM database by hand anyway).
As to assigning them randomly, the SID's random part is the Machine SID, which gives SID the advantage of being unambiguous (as opposed to Unix UIDs). For example, if MACHINE1 has local user ALICE and an NTFS volume with some files owned by MACHINE1\ALICE, when you plug this volume into MACHINE2, it won't make a mistake of thinking those files are owned by some local MACHINE2 user which just happens to have the same SID (whether named ALICE or otherwise).
On Unix, if alice had UID 501 on MACHINE1, then then you plug the same volume into MACHINE2 where UID 501 belongs to bob, ls will show the files as belonging to bob (rather than to alice or even to an 'unknown UID').
UUIDs and SIDs are essentially the same thing.
They're a combination of a system specific part and a timestamp, generated according to a specific algorithm (which might be different between implementations, but that's irrelevant).
Essentially they're both semi-random. Maybe some Unix admins are convinced there's some "security" reason for not handing them out or whatever, but that's nonsense.
The windows SID is a GLOBALLY Unique Identifier vs the Unix UID which is not globally unique.