Web server question. Can I combine htaccess and session variables from other systems? (more inside) [more inside]
posted on Jul 23, 2008 - 6 answers

I have an application installed on my PC at work that needs to connect to the internet through our ISA Server. The problem it has is that it can't connect directly unless I put in proxy settings. The problem that I have is that the proxy setting is just one long URL with no username or password. How can I get this application to connect? [more inside]
posted on Jun 19, 2008 - 1 answers

I have noticed that there seems to be a split between some banks/financial institutions who maintain complex security around their on-line account access and others who seem to have actively migrated towards a much simpler approach. Is there any evidence that the "simple" approach is either more or less secure than the "complex" one? [more inside]
posted on Jun 6, 2008 - 7 answers

How do you set up pub key auth for Dreamweaver's sftp client on a windows box? [more inside]
posted on Jan 24, 2008 - 3 answers

How do you use a single authentication system for different kind of servers, systems, and workstations? [more inside]
posted on Jan 11, 2008 - 6 answers

RADIUS without realms? [more inside]
posted on Nov 14, 2007 - 3 answers

Help me figure out Smart Cards! I work for the IT department of a company looking to use smart cards for Windows domain login. Windows (XP/2003) has built-in support for several brands of smart card. Great, it should be easy! It's not. [more inside]
posted on Sep 21, 2007 - 2 answers

Livejournal authenticated RSS feeds on Mac OS 10.4.10: why do they keep losing my credentials? May involve Keychain. [more inside]
posted on Aug 5, 2007 - 2 answers

I have a question about the authentication of a Cambridge University-issued document by a California lawyer or notary for use in Latvia. [more inside]
posted on Jul 27, 2007 - 9 answers

How exactly does authentication work in a website like Basecamp, or more generally, a site built on Rails or LAMP. When I sign-up, I enter a username and password. I presume this is stored in a database table. But after that, how does the server know who I am during the course of my 'visits' and how does the SQL database know what I have access to ( only my projects ) and what I don't have access to ( Other peoples projects)? Where do cookies, if at all, come into play. If cookies do come into play, can they not simply be forged? I am completely clueless regarding the subtleties of authentication, user sessions, and security. Please enlighten me.
posted on Apr 27, 2007 - 20 answers

For a friend: I need some ideas about web cam server solutions. [more inside]
posted on Apr 11, 2007 - 9 answers

I'm trying to get my head around some Microsoft Access security issues, and could use some help. [more inside]
posted on Mar 15, 2007 - 4 answers

How come if I search for this page and click on the Google link I get to the page, but if I copy the link that Google gives me and try to access it directly, I'm taken to a login page? [more inside]
posted on Dec 27, 2006 - 10 answers

Why are many financial institutions moving to a two-step login process, where you enter your username on one page and then your password on the next? For instance, Vanguard and ING. Their rationale is just that it's "more secure", but that's not much of a reason.
posted on Aug 20, 2006 - 13 answers

I have two paintings signed by Salvador Dali I am in the process in having them authenticated as legit or copies. To possibly save some resources I would like to do background on the paintings, but I am unable to find any information, any suggestions? [more inside]
posted on Apr 21, 2006 - 17 answers

I’m working on a PHP/MySQL app and would like to ensure my security is up to scratch – need tips on authentication, globals and input sanitization. [more inside]
posted on Mar 30, 2006 - 28 answers

Best practices for managing massive permission systems for a giant home-brewed PHP CMS? [more inside]
posted on Mar 6, 2006 - 6 answers

Captive Portals. I'd like one. I want it to work with a WRT54G, connected to a DSL line. [more inside]
posted on Sep 22, 2005 - 4 answers

I'd like to get a handle on computer security. Where should I start? I'd like to stress that I am NOT talking about spyware and viruses here, but the more interesting things like authentication and authorization. [more inside]
posted on Sep 11, 2005 - 13 answers

Anybody ever set up a proxy server that authenticates using an external LDAP server - so that (for example) off-campus university students can access third-party web services that are restricted to campus IP addresses? [more inside]
posted on Aug 2, 2005 - 4 answers

How come most websites roll their own authentication methods around cookie-based sessions, rather than using http authentication built in to most web servers? Is this a security issue, or a user interface issue? Or something else?
posted on Jul 19, 2005 - 8 answers

Looking for advice for replacing the floppy disk as an authentication factor for logging onto a client-server non web-based system. Anyone have any bright ideas? [Details within]
posted on May 13, 2004 - 10 answers

I'm trying to get my application (VB, but that doesn't matter) to connect to the internet and support proxy servers that require a username and password. The former is easy, the latter not. What I'm doing is sending Proxy-Authorization: Basic [authentication] in the header (where [authentication] is "username:password" base64 encoded) with each request. However the proxy server keeps reporting error 407 (authentication required). I've read the RFC's, I've read google groups but I have no idea what I'm doing wrong. Any ideas?
posted on Apr 30, 2004 - 2 answers

I'm behind a university proxy firewall and wanting to access ports that are blocked from direct access through the firewall. I was wondering if there are any telnet clients out there that have HTTP-proxy capabilities with authication (user/password) as well.
posted on Mar 6, 2004 - 4 answers

What's the best way to keep track of an escalating number of logins and passwords? For the web, there's Opera's magic wand, but what about hosting accounts, ftp servers, ATM PINs, etc? Encrypted text file on the desktop? Scribbled note under the pillow? How do you manage (and hide) your password library?
posted on Jan 31, 2004 - 17 answers