Re: Secure password storage

Archive of UserLand's first discussion group, started October 5, 1998.

Re: Secure password storage

Author: Eric Kidd

Posted: 9/9/2000; 6:03:43 PM

Topic: Biggest barrier to building a community in Manila

Msg #: 21090 (In response to 21087)

Prev/Next: 21089 / 21091

Note that if you do that, you give up the ability to do challenge response style authentication. (i.e. apop or the http authentication extensions). You are then essentially back at password equivalents.
It's really hard to protect against both network sniffers and theft of your password database. :-( That's why it's important to understand your threat model.
Cheers,
Eric

This page was archived on 6/13/2001; 4:56:36 PM.

© Copyright 1998-2001 UserLand Software, Inc.

Author:	Eric Kidd
Posted:	9/9/2000; 6:03:43 PM
Topic:	Biggest barrier to building a community in Manila
Msg #:	21090 (In response to 21087)
Prev/Next:	21089 / 21091