From: Daniel A. <dan...@gm...> - 2006-10-24 20:42:52

On 10/24/06, Ethan Blanton <el...@ps...> wrote:
> How are the trac passwords stored? Are we going to put the login form
> behind SSL? (That is, do I need to make up Yet Another throwaway
> password for this thing?)

An excellent question. The password is hashed and the hash stored in a htdigest2-compatible file. I'm assuming that we will be using SSL when we get the cert, but currently the password is submitted in plain-text over HTTP.

Someone motivated could probably without much difficulty update the AccountManagerPlugin to be capable of hashing the password in JavaScript and sending the hash - that would be neat.

-D
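The storage format mentioned in the message above, as an added example that is not part of the original e-mail or of the AccountManagerPlugin code. It assumes the file follows the standard Apache htdigest layout, `user:realm:MD5(user:realm:password)`; the user name, realm and password are constructed sample values.

```python
import hashlib
import hmac
import re

HEX32 = re.compile(r"[0-9a-fA-F]{32}")
REALM = "Example Realm"  # constructed sample realm


def ha1(user, realm, password):
    """Hash field of an htdigest entry: hex MD5 of 'user:realm:password'."""
    data = f"{user}:{realm}:{password}".encode("utf-8")
    return hashlib.md5(data).hexdigest()


def htdigest_line(user, realm, password):
    """Build one entry in the three-field htdigest layout."""
    return f"{user}:{realm}:{ha1(user, realm, password)}"


def parse_htdigest(text):
    """Return {(user, realm): hash}; blank and malformed lines are skipped."""
    entries = {}
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) != 3 or not HEX32.fullmatch(parts[2]):
            continue
        entries[(parts[0], parts[1])] = parts[2].lower()
    return entries


def verify(entries, user, realm, password):
    """Recompute the hash from the submitted password and compare it
    in constant time against the stored field."""
    candidate = ha1(user, realm, password)
    # Unknown users are compared against a dummy value so the code path
    # is the same whether or not the account exists.
    stored = entries.get((user, realm), "0" * 32)
    matched = hmac.compare_digest(candidate, stored)
    return matched and (user, realm) in entries


# Constructed sample file: one valid entry, one blank line, one bad line.
SAMPLE_FILE = "\n".join(
    [htdigest_line("alice", REALM, "correct horse"), "", "not-an-entry"]
)

if __name__ == "__main__":
    db = parse_htdigest(SAMPLE_FILE)
    print(SAMPLE_FILE.splitlines()[0])
    print("good password:", verify(db, "alice", REALM, "correct horse"))
    print("bad password: ", verify(db, "alice", REALM, "guess"))
```

The only per-entry inputs to the hash are the user name and realm, so the same password under a different realm gives a different stored value. If a client computed this same hash in JavaScript and submitted it, the value on the wire would equal the stored field, so the transport would still need SSL.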