From: vhost a. <foc...@ns...> - 2004-04-29 21:51:24

> Luke Schierer wrote:
>> On Thu, Apr 29, 2004 at 03:01:50PM -0400, Jon Oberheide wrote:
>>> On Thu, 2004-04-29 at 14:41, Jeremy Brown wrote:
>>>> Jon Oberheide wrote:
>>>>> On Thu, 2004-04-29 at 14:04, Luke Schierer wrote:
>>>>> [snip]
>>>>>> on a side note, someone brought up the idea of using a 1 way hash. that
>>>>>> person apparently forgot that we have to read that password back out of
>>>>>> the file and send it to the server. a 1 way hash is great for signing
>>>>>> documents. it's no good when you have to regenerate the original from the
>>>>>> output.
>>>>>>
>>>>> A one-way hash would work effectively with certain protocols such as
>>>>> oscar, since oscar uses the following authentication:
>>>>>
>>>>> MD5(key + MD5(password) + AIM_MD5_STRING)
>>>>>
>>>>> In this scenario, a user's saved password could be hashed and stored in
>>>>> the accounts.xml safely AND still be used in authenticating without
>>>>> requiring a master password or other user intervention.
>>>>>
>>>> You could still swipe the MD5'd password though, put it in your
>>>> accounts.xml file, and log on as that user. Isn't that almost as bad as
>>>> having the plaintext password?
>>>>
>>> IMO, a plaintext password is MUCH more dangerous than a hash. Many
>>> people unfortunately use similar or the same passwords for a wide variety
>>> of accounts. For example, my friend's gaim password is the same as
>>> their email, bank, university, and root password. It's a terrible
>>> practice, and while developers should not cater to a user's stupidity, a
>>> hash is much more secure.
>>>
>>> I don't think it's possible to argue that a hash is not any better than
>>> plaintext.
>>
>> sure i can. they can just swipe the whole file and they have your
>> account.
>
> It just depends on what you're trying to argue.
>
> If you're trying to keep users from logging into your account, then no
> method that keeps all decryption parameters in "accounts.xml" will ever
> be more secure than plaintext passwords.
>
> If you're trying to keep your password(s) secret, but you don't mind
> that users can log in as you...that's a slightly different issue.

Right, and in gaim's current state, a hash provides better security for keeping your password secret. I believe that's what this thread was originally about. That is, keeping your password from prying eyes, not necessarily preventing someone from signing on to your account.

I logically amend my previous statement, I meant to say "I don't think it's possible to argue that plaintext is any better than a hash".

Sorry about the formatting on this email...stupid webmail. :)

Regards,
Jon Oberheide
jo...@fo...
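The two positions in the thread can be shown side by side with the challenge-response the thread quotes, MD5(key + MD5(password) + AIM_MD5_STRING). The example below is added here and is not code from the thread or from gaim: a client that keeps only MD5(password) in accounts.xml can still answer the server's challenge (so the stored hash is an account credential and must be protected like one), while the plaintext password itself is never needed and is not recoverable from the file. The random 16-byte key and the in-memory "accounts.xml" are constructed for the example; the constant string is the one libfaim uses, but the demonstration does not depend on its value.

```python
import hashlib
import hmac
import os

# Constant appended by the OSCAR MD5 login (value as used by libfaim; any fixed string would do here).
AIM_MD5_STRING = b"AOL Instant Messenger (SM)"


def stored_credential(password: str) -> bytes:
    """What accounts.xml would hold under the proposal: MD5(password), not the password."""
    return hashlib.md5(password.encode()).digest()


def server_challenge() -> bytes:
    """Server side: a fresh random key sent to the client at login (constructed: 16 random bytes)."""
    return os.urandom(16)


def client_response(key: bytes, stored_hash: bytes) -> bytes:
    """Client side: MD5(key + MD5(password) + AIM_MD5_STRING), computed from the stored hash alone."""
    return hashlib.md5(key + stored_hash + AIM_MD5_STRING).digest()


def server_verify(key: bytes, response: bytes, server_hash: bytes) -> bool:
    """Server side: recompute the expected response from its own copy of MD5(password)."""
    expected = hashlib.md5(key + server_hash + AIM_MD5_STRING).digest()
    return hmac.compare_digest(expected, response)


def login_with_file(accounts_xml: dict, server_db: dict, screen_name: str) -> bool:
    """Full exchange using only what the client file holds; no plaintext password is read."""
    key = server_challenge()
    response = client_response(key, accounts_xml[screen_name])
    return server_verify(key, response, server_db[screen_name])


def demo() -> dict:
    """Constructed accounts: the hash in the file is enough to log in, plaintext is never stored."""
    server_db = {"alice": stored_credential("correct horse")}
    accounts_xml = {"alice": stored_credential("correct horse")}   # hash only, as proposed in the thread
    tampered = {"alice": stored_credential("wrong guess")}         # a different hash does not work
    return {
        "hash_only_login_ok": login_with_file(accounts_xml, server_db, "alice"),
        "other_hash_rejected": login_with_file(tampered, server_db, "alice"),
        "plaintext_in_file": b"correct horse" in accounts_xml["alice"],
    }
```

The first result is Jeremy's and Luke's point (whoever copies the file can log in); the last is Jon's (the file no longer reveals a password that may be reused elsewhere).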