I have an app which asks the user for a username and password which I want to be saved (so the user doesn't have to reenter his data on every launch).
Of course I need to acces the username and password on the next application start. Can you tell me how to do it?
One more thing: the username (and pw) is saved in the AppDelegate but I need it in a different class later..
The proper place to keep a username/password is in the keychain. It's made easier with open source wrappers such as SSKeychain.
The way I suspect you want to do it is with NSUserDefaults, which you can read about in the Preferences and Settings User Guide.
Either way you can get at the information quite easily from elsewhere in your application.
But you really should do it the first way.
Give it a try and come back and ask a more specific question if you can't get it to work.
Related
I am generating a random strong password for every user and want the user to use the same password for accessing the application, since the password is going to be hard to remember I wish to store the same in the keychain so it is easy to access.
Of course you can, you must be looking for nativescript-secure-storage plugin.
tns plugin add nativescript-secure-storage
If you have an application that is being authenticated with Active Directory using Forms Authentication in MVC, how can you allow the user to change his password after it expires?
From what I am observing, if a user's password has expired, Membership provider will simply refuse to let you authenticate, thus not allowing the user to access the page. However, if I modify the page, to allow the user to go to it, and enter a user name, old password, and new password, it still seems to not work, just returning 'false' from the change password function.
Any insight or solutions on this?
Any insight or solutions on this?
Insight refering to scripts. if yes so please have a look at these links
http://blogs.technet.com/b/heyscriptingguy/archive/2010/08/17/how-to-change-a-user-s-active-directory-password-with-powershell.aspx
http://community.spiceworks.com/scripts/show/1889-reset-ad-user-password
Moreover there are many self rest solution. Please update so that a name would be explained to you
Thanks.
I am writing an app and would like to do the following: When the app is first used it prompts the user for a username given at the time of purchase. When entered this is then stored and cannot be changed.
I am unsure whether this is possible or if it is what method I should use to store it. I am right in thinking this is one for KeyChain?
Any advice much appreciated.
We have merchants logged in to a system, from which we want to link them to our Magento instance with some kind of admin token that will log them in directly without them having to manually login.
I see the rp_token field in the admin_user table but that appears to be related to a password reset, which probably isn't what we want.
Have done a bit of searching, found this thread which is related but is dealing with secret keys specifically (which will probably be my second challenge to resolve after resolving this one).
I'm guessing this isn't supported in core, but maybe there's a good extension out there to do it?
Or if not, what would be the best approach to implement? I'm guessing there is probably an event I could hook to look at a GET or POST param (which maybe could be a hash of the username and hashed password), then bypass the normal login() method which relies on username and plain text password.
That feels like it could be a little risky though? Any thoughts?
That feels like it could be a little risky though? Any thoughts?
This is extremely risky, but it can be done safely. I can speak on a similar issue I had in developing QuarkBar, an administration bar for Magento that is set to release this weekend.
So to show the bar, I need to verify the admin is logged in. Unfortunately that's hard to do on the frontend module, since there are two separate sessions. So to get around that I've created a quarkbar_session table. I use OpenSSL to store a secure crypt key once an admin is logged in, that I then check for on each request and match it to a cookie. If it matches, the admin is verified.
It's a little different from what you want of course, since I first set the key when the admin is logged in (it's an observer event). But it should get you started.
Source (NOT ready for production, use it for ideas): https://github.com/zschuessler/QuarkBar/tree/master/app/code/community/Zaclee/QuarkBar
Also, note that I'm storing the secure key so that I can access the admin backend. The solutions in your link say to disable it. You don't have to, check out QuarkBar for implementation.
I have an command line application (not rails) that needs the user to provide their username and password for the website the cli accesses.
I don't want to make the user enter their details for each and every command they execute.
How do I store the details without compromising security and storing the details without encryption? If I encrypt the password, where should I store the pass key so it is still secure?
I imagine an implementation similar to the way the Heroku gem works would be good.
UPDATE:
So I have gone ahead and implemented this in my application, but something doesn't feel quite right about the solution yet.
Prior to accessing the website for the first time, the user is prompted to enter their username and password. Following successful login, the user is asked whether to store the details for later. If yes, the password is encrypted using a key - however, as this is a ruby gem, the key is stored in the application in plain text.
Is there another way to do this. The file containing the username/password is now secure BUT the key to unlock it is stored in the application code.
On the update: no. If you need access to the plain text password, you can only obfuscate the password. You cannot safely store it. The key needs to be in plain, or the key that encrypts that key needs to be in plain, ad infinity. Can't be done.