[Mailman-Users] multiple mailing list passwords

Peter Shute pshute at nuw.org.au
Fri May 30 11:03:40 CEST 2014

> Tanstaafl writes:
>> It *does*...
> It does??  As you described it, he can let passwordmaker choose his
> password.  But he says he can't do that.  Or he can specify the whole
> password as the prefix, which is insecure.  And AIUI that's not
> acceptable to him either, as far as I can see he's very concerned
> about security.  So what's the third option that is both secure and
> allows use of the current password?
> As far as I can see, you're just saying the requirements are stupid.
> I tend to agree (for several reasons), but unfortunately it's also
> common that one needs to follow them anyway, and AFAICS the OP is in
> that situation.
>> now who is missing what?
> I could very easily be missing something that nobody has put into
> words yet, of course.

Explained in an earlier message:
> "Yes... you can force it to use a previously established password that 
> you don't want to change by simply creating an account for the URL, 
> setting a password length of the exact length of the current password, 
> then entering the password into the prefix field.
> This isn't very secure, because the password is then stored inside the 
> .rdf file, but it will work."
So you are correct about it not being secure. How insecure, I don't know. Is this rdf file encrypted? Do you need a master password to use it?

I expect all the Apple quoting will vanish from the text above, I hope you can work out what's quoted and what's not. 

Peter Shute

More information about the Mailman-Users mailing list