General Password questions

Leonardo Santagada retype at terra.com.br
Tue Sep 23 19:53:14 CEST 2003


Riccardo Attilio Galli wrote:

> On Tue, 23 Sep 2003 09:28:49 -0400, Peter Hansen wrote:
> 
> 
> 
> I think you have misunderstood me(mmm, I hope it sound polite enough in
> english). An user should never enter the password again. I know how hashes
> work, and they're useful when I can compare an entered password with an
> hash value, but here I need that the user don't enter a password anymore
> (after the first time).
> 
> The natural use of the program would be:
> run the e-mail client for the first time
> user enter his e-mail password
> the client check for new mails
> user close the client.
> 
> while 1:
>   user run the e-mail client
>   the client check for new mails WITHOUT ask for a password
>   user close the client
> 
> I hope I was clearer. I think Richard got the point, whit a "sad but true"
> answer.
> 
> Ciao,
> Riccardo
> 
> 
I Really think he didn't understand you because hashing a password that 
you will need again isn't possible. You need to store the password in a 
crypt way, but I don't know how to generate the master password(the one 
that is used by the crypto program to encrypt the pop or imap 
passoword). I really don't understand a lot about encrypting something, 
but sha1 and md5 are not reversible. If they were, then I would download 
only the signature of a file and not the file. Now you need to know how 
mozilla does it.





More information about the Python-list mailing list