Tag Archives: password

How NOT to Store Passwords Tech News 20 JUL 2015

British presenter and tech personality Tom Scott (whom I’m quite fond of featuring here on my little blog thanks to his likable personality and way of clearly and concisely explaining things) joins up with Computerphile to bring this great 10 minute video on how software developers should not be storing passwords.

The fact is, most of us in the trade would probably have implemented pretty much all of these erroneous methods at some point in our careers! (I know that I certainly have)

Definitely worth watching if you are in charge of writing some or other access-controlled system.

Take away points: Passwords should never be encrypted using a two way algorithm. Passwords should be uniquely salted in order to get differing hash values.

Worth remembering!

username password login screen

Related Link: Youtube

How to Password Protect Your WordPress Site Tips, Tricks and Tutorials 28 MAY 2014

Sometimes it is quite useful to password protect your whole wordpress website. Maybe it contains sensitive information meant only for your team, or perhaps as a designer you don’t want to hand over the site to the client before payment, but you do need to show them how it looks so that you can get paid!

Enter a fantastic plugin by Ben Huson simply entitled Password Protected.

Essentially, once enabled, your entire site gets hidden behind a login page which asks visiting users for a password. Not for individual pages, or certain post types, or a certain section, but the whole site!

It is important to note that this plugin only protects your WordPress content, and as such it does not protect images or uploaded files – so if you enter the exact URL to in image file it will still be accessible. (In other words, this isn’t intended to prevent hot-linking of your files).

Nevertheless, pretty damn useful overall.

Install as per usual via the Admin panel, and activate. You’ll be asked to select a password and well as what types of users should be able to view the content with or without a password. As a bonus, the plugin does give you the option as to whether or not you want to password protect RSS feeds.

Nifty.

password protected wordpress plugin

Related Link: http://wordpress.org/plugins/password-protected/

Ubuntu: Change or Reset the MySQL Root Password CodeUnit 04 NOV 2010

MySQL gets installed with a default root account under the username “root”. Sometimes the system will allow you to install a root account without a password (VERY not safe), but for the most part you have to set a password on install.

If of course you are anything like me, you instantly forget this password and a month down the line when you come back to do some more tinkering, you’ll quickly realize that you need to change the damn password – and this is one way you could go about doing it!

First, stop the MySQL server by entering the following into a terminal:

sudo /etc/init.d/mysql stop

Next, start a custom mysqld configuration by skipping the password tables:

sudo mysqld –skip-grant-tables &

The next step is then to login as root:

mysql -u root mysql

Finally, replace the existing password with your new one and Bob’s your uncle!

UPDATE user SET Password=PASSWORD(‘YOURNEWPASSWORD’) WHERE User=’root’; FLUSH PRIVILEGES; exit;

Done. Oh, and don’t forget to restart the service with sudo /etc/init.d/mysql start if necessary.

(Ubuntu 10.10 Maverick Meerkat)