9 Dec
2004
9 Dec
'04
2:02 p.m.
On Wed, 2004-12-08 at 20:58, Mark Sapiro wrote:
I looked through the code somewhat, particularly the code that produces password reminders, and I can't see anywhere where there is any encryption/decryption of passwords going on.
Correct. Mailman does not encrypt or hash member passwords, and they are stored in the clear in the config.pck file (this is actually not good, but it's the way it is). Owner and moderator passwords are generally hashed, typically these days with sha1. I have no idea where your passwords are getting changed.
-Barry