19 Jan
2012
19 Jan
'12
7:37 p.m.
On Tue, Jan 17, 2012 at 12:22:35AM +0000, Ed W wrote:
Note I personally believe there are valid reasons to store plaintext passwords - this seems to cause huge criticism due to the ensuing disaster which can happen if the database is pinched, but it does allow for enhanced security in the password exchange, so ultimately it depends on where your biggest risk lies...
Exactly. In any security decision, consider the threat model first. There are too many kneejerk "secure" ideas in circulation.
http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: