[Moin-user] Re: On logging out and hashed passwords
Alexander Schremmer
2004b at usenet.alexanderweb.de
Mon Feb 14 10:44:43 EST 2005
On Sun, 13 Feb 2005 18:51:47 +0100, Malte Helmert wrote:
> Another issue, a question regarding hashed passwords: Since it is
> possible to login with the encrypted password, what is the point of
> storing them in encrypted form? Everyone who can read the encrypted
> password can do everything they could do if they could read the
> unencrypted password, so doesn't this promote a false sense of security?
It does. This will hopefully be fixed in 1.4.
Kind regards,
Alexander
More information about the Moin-user
mailing list