[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: svnserve password store in clear text

From: Ng, Wey Han <weyhan.ng_at_atosorigin.com>
Date: 2004-06-04 05:25:40 CEST

> -----Original Message-----
> From: Mark Benedetto King [mailto:mbk@lowlatency.com]
> Sent: Thursday, June 03, 2004 10:48 PM
>
> If the problem you're trying to solve is one of people not
> liking their
> favorite plaintext passwords to exist in files on the svn server, why
> not just have them generate hashes of their plaintext passwords and
> send you those? You can put those in the password file (or write a
> CGI program to do it).
>
> They enter that hash rather than their plaintext password the one time
> that svn asks them for it, and voila, everything works.
>
> As an added benefit, they can use whatever hash function they want!

NO! :) It's hard enough to get people to use better password, getting them
to enter a hash password is going to be hell.

Regards,

Han.

----
Ng, Wey-Han
Atos Origin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jun 4 05:28:46 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.