Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
3
votes
2answers
53 views
“Remember me” automatic login
I've implemented a "remember me" automatic login if no session has been set, but a remember me cookie is on their computer. I'm concerned about security and I'm not the best. I'm relatively new to OOP ...
2
votes
2answers
53 views
Validating user credentials and logging into a Symfony site
I have the following code in a Symfony site that validates a user's credentials and logs them in via the Session class:
...
1
vote
1answer
31 views
Create “refresh token” action filter
I am using idenity server 3 authentication.
I have to implement refresh token logic.
AccessTokenLifetime is 1 hour, and after that time I want to update access token with refresh token.
I want do ...
2
votes
0answers
23 views
Rbac Principal with Binding support
I've been maintaining a Rbac helper for some time now. My goal is to provide an easy way to tell the following:
When does an user have a role
What can a user do ...
3
votes
0answers
39 views
Ajax login response [closed]
I want to create an Ajax-Login, but I'm not sure if my solutions is generally correct. I want to do everything correct, so I need someone who checks this code and give me some improvement hints.
...
2
votes
1answer
55 views
Creating a portable encrypted credential store
There have been a few questions over on SO recently about securely storing credentials in Powershell scripts. Because ConvertFrom-SecureString uses DPAPI it makes ...
3
votes
2answers
79 views
First user login function: Security and efficency opinions
I am writing an application for work. This application will sit on a closed network but I still have to be concerned about security. There will be a maximum of three types of user for this ...
7
votes
2answers
160 views
Secure custom password hashing
My team and I have ended up creating this class, which is called directly from ASP.NET Identity as a custom password hasher. I'd like to know whether this would be "overkill"/use a lot of CPU, ...
5
votes
1answer
75 views
login_required decorator in Flask
I have 2 Flask apps (different projects) that work together . One implements some API which uses tokens for auth. The second one consumes the API and makes a web interface for it. Now I have a login ...
3
votes
1answer
49 views
Authentication program in Swing
It is a simple program which allows you to input a username an password. If the username/password is equal to the String it launches a JOptionPane that says ...
2
votes
0answers
54 views
Safe implementation for extending authentication cookie with user data
After searching around and reading through articles and answers I came up with this implementation for extending the cookie of Forms Authentication. But I am not 100% sure that I did not introduce any ...
1
vote
1answer
55 views
CakePHP login action returning json
I have some questions on how I can improve this "add action" (method) in "controller":
I'm using the add action only if post request. Is it correct?
This ...
0
votes
1answer
70 views
Password encrypt & check
When a user registers (creates a new account), I want to encrypt password before storing in a database, and when a user logs on (with username & password) I want to check password. I did it in the ...
6
votes
1answer
134 views
Ensuring non-expired token before every request
I'm developing an iOS application where data is fetched from a third-party REST API. Each request must contain an authorization token.
In order to implement this, I've written a ...
1
vote
0answers
478 views
JWT - Simple API example
I have created this fake API just because I want to learn how to use JWT. It is a simple unsigned token exchange with two methods call: login and adminPassword.
I've used ...
2
votes
1answer
59 views
Security of login form using prepared statements
I've prepared a simple login form, using prepared statements to prevent SQL injections. How secure is this ?
...
1
vote
1answer
105 views
Simple login and authentication app
For school I had to do a real simple login and authentication system on an Android app, and I'm wondering how my code can be optimised to reduce code duplication and how it can be made more object ...
4
votes
1answer
873 views
Simple login system using Python Flask and MySQL
I've made a login page using Python Flask which works with MySQL. I started learning Flask 2 days ago and it was fun, so I came up with this:
...
1
vote
1answer
129 views
Another PHP login handler
I wrote this class to handle login sessions for a framework I'm writing for educational purposes.
My major areas of concern:
Style
I know my style is a little contrary to most coding conventions. ...
-2
votes
2answers
59 views
Authentication check in index.php file
I am aware that this code is vulnerable for SQL injections, but I don't know how to avoid it.
...
6
votes
2answers
387 views
PHP login based on a password parameter
I'm learning PHP now, and I'm trying to find out whether or not the following code structure has any faults:
...
0
votes
1answer
27 views
Backbone view for logging a user in
I'm looking for a general peer review on already working code. Just the overall structure and of course any gotchas like DRYness or logic issues.
...
2
votes
1answer
34 views
Authentication and session creation
My session controller has a method for creating new user session. According to Rubocop's output there is 'Assignment Branch Condition' metric is too high [15.17/15].
...
1
vote
2answers
48 views
Securing a web service without relying on native authentication schemes
Due to various business and technical circumstances, I have to create an internet-facing .NET 4.5 WCF web service which should be called only by a certain party while not using native authentication ...
6
votes
1answer
70 views
This LoginPane is a Pain
Well, it really isn't a big pain: but I fear of security risks (if that is even possible).
Background:
I decided to (sort of) abandon my Sudoku project (because I accidentally deleted it from disk), ...
6
votes
1answer
44 views
Login validator class
I'm trying to learn more about object oriented programming and I have a few questions about the class below.
I'm working in Visual Basic.NET
My questions are
Is there a better place / way to show ...
3
votes
1answer
120 views
Simple SSH bruteforcer in Ruby
I'm pretty new to Ruby, and working in the IT security field, I thought to make something useful to my work while I learn the language (even though I'm reinventing the wheel).
The script is working ...
4
votes
1answer
117 views
Login Authentication & Sign Up
This is a Login Authentication / Sign-up Models for my class project in PHP. I would really appreciate criticisms and any suggestions to improve security, code quality, etc.
Hashing.php
...
0
votes
1answer
52 views
Basic sign-up method, testable and with try/catch [closed]
I am learning how to implement testing and try/catch statements into my code. I have a Laravel application with the following ...
3
votes
1answer
83 views
PHP password encryption algorithm
I've written a password encryption algorithm in PHP, which (I think) is not very vulnerable to rainbowtable attacks. It's just that I don't have a lot of experience with encryptions, nor PHP. But from ...
2
votes
1answer
78 views
3
votes
1answer
155 views
Basic login script for educational purposes
I have created a login script to demonstrate the usage of sessions in PHP. The focus is not on security, databases or encryption. The idea is to exemplify how you can use sessions to protect pages ...
6
votes
2answers
114 views
Password recovery program
This is a password recovery program I made, and I just want it checked out.
These aren't all the files for the login and register system, only the password recovery part. The columns in the ...
2
votes
2answers
274 views
Sharepoint Authentication Helpers
I'm working on a rather large SharePoint project that's going to contain helper classes for a variety of item levels (sites, webs, lists, items, etc').
When writing code I'm expecting that the same ...
1
vote
1answer
91 views
Parse.com simple query: login and display account balance
I was recently at a hackathon and saw quite a few people using Parse, so I decided to check it out and read some guides online. Can someone take a look at my code? I followed Parse documentation so it ...
4
votes
1answer
93 views
Simple administrator authentication page in PHP
I made a simple administrator page lock in PHP and I was wondering how secure it was. I want to use this script to secure administrator pages for my portfolio site but I want it to be fairly secure.
...
1
vote
1answer
42 views
Authentication management
I have the following code and I think it's almost impossible to read and to maintain. I prefer self-explaining and modular code where variable and function names tell what I'm trying to do, but I ...
3
votes
0answers
36 views
PL/pgSQL autologin token generation
Here's an excerpt from my migration script for my database for the new "remember me" login option for my web application.
Logging in with a valid username/password combination (authenticate_user) ...
6
votes
5answers
875 views
Creating Original Database Algorithm--Login System
For fun, I have been making a very basic login system in Python. I was going to look up an algorithm or something for user info storage and transfer, but then decided it would be more fun to come up ...
1
vote
0answers
110 views
Login authentication model
I have made my model global so that I can work only a model with several controllers. Is it good or bad practice? And according to this, is my login process secure?
Login check function in ...
1
vote
2answers
129 views
Open server asking for a password
It first creates a server and waits to connect. Once the client connects to the server he gets the line. If he puts the correct code he gets output -> good job. If not -> the software disconnects.
My ...
6
votes
4answers
314 views
Register/Login and authentication through terminal
This is a registration and login program I made in Python that runs through the terminal. I am new to programming so I didn't have any actual use for this, I simply made it for practice. Please give ...
0
votes
0answers
126 views
User login authentication
I started with OOP around 1 week ago and I would like to ask you to check my code and give me some tips and advice but also tell me what I'm doing completely wrong. I also know that my code is not ...
0
votes
0answers
48 views
Front-end login system
After some googling for about 2 days, I am here with a simple wordpress front-end login system.
Please let me know if there is anything wrong with it, or if there is anything I can do, for improving ...
5
votes
4answers
1k views
Basic OS login program
I have just finished the sololearn C++ course and wanted to create a basic login program in the vein of a basic operating system.
...
3
votes
2answers
1k views
Authenticating user/password against Active Directory using ASP.NET Identity
I am trying to learn how to use ASP.NET Identity. My scenario is that I have to authenticate against Active Directory. For that purpose I am trying to use ...
6
votes
1answer
394 views
Checking two text field for match and checking for null
Is this the most efficient way to do this? Any suggestions on some thing I might have missed or can do better?
...
1
vote
1answer
66 views
4
votes
2answers
522 views
“Remember me” functionality for a website
I have read a few SO threads to implement remember_me functionality.
Steps I have followed:
User clicks on login button and if passes client side validation, it goes to php Login page.
First time
...
3
votes
1answer
293 views
Authentication using PDO
I'm new to PDO, so I was wondering if you guys could check over my PDO code for efficiency (and if the PHP can be improved)
...
