On 21 Oct 2005, at 05:56, Marijn Vriens wrote:
Anybody care to comment about the benefits of having clear text passwords in the database?
Yep, there's a very good benefit - you can use non-clear-text authentication. The problem with MD5 hashing is that it uses a different key each time, so for both sides to agree on what the hash should be both sides need to have the clear text passwords.
I think most people would agree that storing clear text passwords is preferable to transmitting clear text passwords across the internet.
-- Phillip Hutchings [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
