Menu
▾
▴
Re: [Fwd: Re: plain text passwords [wasRe: [Gaim-devel] libyahoo2 integration?]]
|
From: Luke S. <lsc...@re...> - 2002-07-27 00:52:20
|
On Fri, Jul 26, 2002 at 05:39:46PM -0700, Christian Hammond wrote: > On Fri, Jul 26, 2002 at 05:27:27PM -0700, Morgan Collins [Ax0n] wrote: > > > > I think that if you encrypted the password, it would be wise to require > > the user to enter their previous password before changing their password > > anyways. > > Except that gaim would have to be able to decrypt them before logging > in. This would require that an encryption scheme be used that provides > for decrypting. However, this is no different than, say, reversing the > characters in the password. Anybody could just get to it anyway, by > simply decrypting it. > > Now you could encrypt the entire .gaimrc file and ask for a password > on startup, but guess what? You would then need to store THAT password > somewhere, and suddenly you run into the exact same problem. > > Bottom line: There is no method that will provide the (false) security > that people are looking for. The most secure thing you can do is to > chmod 600 ~/.gaimrc, and last I checked, that happens automatically. actually, that's second most secure Christian ;-). Most secure would be taking the DEFAULT (emphasis added for other listeners) option NOT to save the password. luke > > Christian > > -- > Christian Hammond <> The GNUpdate Project > ch...@gn... <> http://www.gnupdate.org/ > Some people have a way with words, while others.. erm... thingy. > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Gaim-devel mailing list > Gai...@li... > https://lists.sourceforge.net/lists/listinfo/gaim-devel -- -This email is made of 100% recycled electrons. -If something can go wrong.... FIX IT! If it's Microsoft...delete it. -There are three ways to get something done: (1) Do it yourself. (2) Hire someone to do it for you. (3) Forbid your kids to do it. |
