
On 2/12/2005 6:02, "Barry Warsaw" <barry@python.org> wrote:
On Sat, 2005-02-12 at 02:07, Bob Puff wrote:
So let me ask this: if we drop passwords for everything but the private archives, do we really need to do anything differently than the format currently in place? Do they really need to be one-way encrypted? Being able to email a forgotten password has its benefits.
It's still worthwhile (in the long run) to hash the passwords. Some people tend to re-use them, so stealing Mailman passwords can potentially lead to cascading attacks. Password resets are fine.
I don't see how users remote from their normal email can make use of password resets. Without the old password, how do they prove they should be able to reset a subscriber's password? Thus they can't designate the new password, nor learn the generated one, remotely.
I don't think the above kills the idea (I've changed my mind, with respect to the private archives, from what I said earler).
--John