Re: How to store new password so no need to enter every time?

From: Stefan Sperling <stsp_at_elego.de>
Date: Sat, 5 May 2012 12:25:08 +0200

On Fri, May 04, 2012 at 11:17:58PM -0400, Nico Kadel-Garcia wrote:
> Now, all that said: I *loathe* HTTP/HTTPS password based acces, because
> there is no way to prevent your clients form storing passwords locally on
> Linux or UNIX hosts. They don't *have* to use the kwallet or gnome-keyring
> tools, and you can't make them without snooping on them all the time.

There are more authentication options available in httpd than just BasicAuth.

Some are single-sign on solutions and don't require any password at all.
Kerberos and SSPI for example. If httpd admins configure the server with
one of these authentication options no password will ever be stored.
Alas, whether you can use these options depends on the existing
infrastructure -- same story with SSH though.
Received on 2012-05-05 12:25:48 CEST

This message: [ Message body ]
Next message: Nico Kadel-Garcia: "Re: How to store new password so no need to enter every time?"
Previous message: Nico Kadel-Garcia: "Re: How to store new password so no need to enter every time?"
In reply to: Nico Kadel-Garcia: "Re: How to store new password so no need to enter every time?"
Next in thread: Nico Kadel-Garcia: "Re: How to store new password so no need to enter every time?"
Reply: Nico Kadel-Garcia: "Re: How to store new password so no need to enter every time?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]