RE: svnserve password store in clear text

From: Ng, Wey Han <weyhan.ng_at_atosorigin.com>
Date: 2004-06-04 05:25:40 CEST

> -----Original Message-----
> From: Mark Benedetto King [mailto:mbk@lowlatency.com]
> Sent: Thursday, June 03, 2004 10:48 PM
>
> If the problem you're trying to solve is one of people not
> liking their
> favorite plaintext passwords to exist in files on the svn server, why
> not just have them generate hashes of their plaintext passwords and
> send you those? You can put those in the password file (or write a
> CGI program to do it).
>
> They enter that hash rather than their plaintext password the one time
> that svn asks them for it, and voila, everything works.
>
> As an added benefit, they can use whatever hash function they want!

NO! :) It's hard enough to get people to use better password, getting them
to enter a hash password is going to be hell.

Regards,

Han.

----
Ng, Wey-Han
Atos Origin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Fri Jun 4 05:28:46 2004

This message: [ Message body ]
Next message: Greg Hudson: "RE: svnserve password store in clear text"
Previous message: Ng, Wey Han: "RE: svnserve password store in clear text"
Maybe in reply to: Ng, Wey Han: "svnserve password store in clear text"
Next in thread: Ng, Wey Han: "RE: svnserve password store in clear text"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]