On Wed, Feb 19, 2003 at 04:21:38PM -0600, Matt Pavlovich wrote:
> What the hell good is this?  What service in their right mind would
> store clear text passwords?

It depends on your threat model.

Which do you think is more likely: that someone will break into your server
and steal all the passwords? Or that someone will monitor the sessions
between your users and the server, and sniff the passwords?

In the case of PPP dial-up authentication, I'd say that interception is
difficult (and therefore PAP with an encrypted password on the server is
preferable to CHAP, which requires a cleartext password on the server).

However, it's not so clear-cut in the case of POP3 over the Internet, since
sniffing passwords is so easy. You won't get every password, but if you
sniff for a day or two you'll get a fair proportion. Arguably a
challenge-response system, which requires a cleartext password for each
account on the server, is more secure overall.

> What moron at MS thought this up?  Why not
> challenge/response based on the SHA1 hash of the pass vs the clear text
> password?

I am not quite sure what you're getting at. You cannot design a
password-based authentication system where there is neither a 'cleartext'
shared secret at the server, nor a 'cleartext' password sent over the wire.
By all means feel free to try :-) It's circle-squaring.

If you want not to send the password over the wire, and not to store
material on the server which could be used to authenticate if stolen, then
you need to forget passwords and move to asymmetric (public-key)
authentication methods.

Regards,

Brian.
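The trade-off Brian describes, worked through as an added example (not code from the thread): a PAP-style exchange with a salted hash on the server beside a CHAP-style challenge-response that obliges the server to hold the secret. The CHAP side uses HMAC-SHA256 rather than real CHAP's MD5 construction, and the credential is a constructed value.

```python
import hashlib, hmac, os, secrets

# Constructed credential for the demonstration (not from the original thread).
PASSWORD = "correct horse battery staple"
ITER = 100_000

# PAP-style: the password itself crosses the wire; the server keeps only a salted hash.
def pap_enroll(password):
    salt = os.urandom(16)
    return {"salt": salt, "hash": hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITER)}

def pap_verify(record, wire):
    cand = hashlib.pbkdf2_hmac("sha256", wire, record["salt"], ITER)
    return hmac.compare_digest(cand, record["hash"])

# CHAP-style (simplified: HMAC-SHA256 instead of CHAP's MD5): the wire carries only a
# response to a fresh challenge, so the server must keep the shared secret itself.
def chap_enroll(password):
    return {"secret": password}

def chap_response(secret, challenge):
    return hmac.new(secret.encode(), challenge, "sha256").digest()

def chap_verify(record, challenge, wire):
    return hmac.compare_digest(chap_response(record["secret"], challenge), wire)

def db_reveals_password(record):
    """Would a thief who copies the server's record obtain the password directly?"""
    return PASSWORD in record.values() or PASSWORD.encode() in record.values()

def analyse(scheme):
    """What a stolen database and a sniffed session each yield, per scheme."""
    if scheme == "pap":
        rec, wire = pap_enroll(PASSWORD), PASSWORD.encode()   # sniffer sees the password
        assert pap_verify(rec, wire)
        replay = pap_verify(rec, wire)                         # same bytes work again
    else:
        rec, ch = chap_enroll(PASSWORD), secrets.token_bytes(16)
        wire = chap_response(PASSWORD, ch)                     # sniffer sees only a MAC
        assert chap_verify(rec, ch, wire)
        replay = chap_verify(rec, secrets.token_bytes(16), wire)  # fails on a fresh challenge
    return {"db_reveals_password": db_reveals_password(rec),
            "wire_reveals_password": wire == PASSWORD.encode(),
            "replay_succeeds": replay}

if __name__ == "__main__":
    for s in ("pap", "chap"):
        print(s, analyse(s))
```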


_______________________________________________
courier-users mailing list
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
