Dec. 8, 2004
3:16 p.m.
Quoting Dave Dewey (ddewey@cyberthugs.com):
Here's the issue I can't solve. It is clear that SOME user passwords in the lists' config.pck file are encrypted, and some aren't. This is within the SAME config.pck, I'm only running one list. When using 'dumpdb' to investigate the the users email/passwords, some of the passwords are definitely clear text. However, others (including all of my own, for various test subscriptions) are encrypted.
More info: it appears that only passwords that were chosen at time of subscription are encrypted. If a user then goes in and changes the password, it is stored unencrypted in config.pck.
dave