Tag Archives: Password

Kill the password

Okay, two Wired articles in a row. Sorry, but they’re super interesting this week. Today we’re pointing you in the direction of Kill the Password. In this one Mat Honan, whose digital life was erased by hackers this summer, talks about passwords and how they can’t keep us safe in a world of interconnected accounts and easy to Google personal information.

“The common weakness in these hacks is the password. It’s an artifact from a time when our computers were not hyper-connected. Today, nothing you do, no precaution you take, no long or random string of characters can stop a truly dedicated and devious individual from cracking your account. The age of the password has come to an end; we just haven’t realized it yet.”

Filed under Technology

Tech Tuesday: Validate Twitter credentials in AIR

Problem: Your AIR application needs to validate the username / password and handle failure gracefully within the application. If the user enters the wrong information you do not want them to be prompted with a Windows prompt asking them to enter their Twitter username / password. If the application needs to hold on to the credentials for any reason the Windows authentication to the API will break the AIR application.

“The server twitter.com at Twitter API requires a username and password.”

The URLRequest object has a property called ‘authenticate’ that must be set to false.
* Setting result.authenticate to false prevents the operating system from
* taking over and prompting the user to authenticate. It allows the AIR
* application to take the correct action.
private function twitterRequest (url : String):URLRequest
var result:URLRequest = new URLRequest (url);
if (this.authorizationHeader){
result.authenticate = false; // <--------- Most Important Line of Code!!!!
result.requestHeaders = [this.authorizationHeader];
return result;

Most of the code from the example attached is from the Google code repository.

Here are the source files to an example AIR application that uses actionscript to verify Twitter credentials without prompting a windows box on failure.

I would like to give credit to Clayton (file_cabinet) for coming up with the solution to this problem. Thanks Clayton!

This was originally posted on blackcj.com, Chris Black’s personal blog. Chris is a Senior Developer at Sierra Bravo.

Filed under Technology