Skip to main content

Home/ SoftwareEngineering/ Group items tagged PasswordReset

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Forgot Password Cheat Sheet - OWASP - 0 views

www.owasp.org/...Forgot_Password_Cheat_Sheet

security authentication password ForgotPassword PasswordReset

shared by kuni katsuya on 21 Sep 12 - No Cached
  • Forgot Password Cheat Sheet
  • no industry standard for implementing a Forgot Password feature
  • Step 1) Gather Identity Data or Security Questions
  • ...12 more annotations...
  • asks the user for multiple pieces of hard data that should have been
  • previously collected
  • send the password reset information to some
  • out-of-band side-channel
  • such as a (possibly different) email address or an SMS text number, etc. to be used in Step 3.
  • Step 2) Verify Security Questions
  • application verifies that each piece of data is correct for the given username
  • If anything is incorrect, or if the username is not recognized, the second page displays a generic error message such as “Sorry, invalid data”. If all submitted data is correct, Step 2 should display at least two of the user’s pre-established personal security questions, along with input fields for the answers.
  • Avoid sending the username as a parameter
  • Do not provide a drop-down list
  • server-side session
  • user's email account may have already been compromised
kuni katsuya

MySQL :: MySQL and Windows :: 3 Resetting the Root Password: Windows Systems - 0 views

dev.mysql.com/...tting-permissions-windows.html

mysql windows PasswordReset

shared by kuni katsuya on 01 Aug 13 - No Cached
  • Resetting the Root Password: Windows Systems
  • MySQL 5.6 Manual
  • UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE User='root'; FLUSH PRIVILEGES;
  • ...1 more annotation...
  • mysqld --init-file=C:\\mysql-init.txt
1 - 2 of 2
Showing 20 items per page