onsdag 21. april 2004, 20:45, skrev Andreas Schuldei: > * Knut Yrvin ([EMAIL PROTECTED]) [040421 20:28]: [snip] > > It's a third (3) way to handle this. Schuldei could make the feeld "Admin > > passord" with stars, when the password is cached. Then he shows that the > > system has taken care of the WLUS-password. When it's not stars there, > > the user-admin can type the WLUS-password again ... > > > > This will remove the problem with usability, and show the users that the > > password is already in place :-) > > that is a good idea. i had it too and disregarded it because then > i would need to re-transmit that password in the html-code of the > page. it might get cached in the browser cache and could be > extracted somehow, by evil people. so i opted against this for > security reasons. we can do it anyway, of cause. > > if i would just transmit stars or some other junk, it would seem > to webmin and wlus that this junk was entered as a password. i > cant help that, that is how http and html works. if someone knows > a good workaround i would like to hear that. if a wrong password > is typed wlus uses that one instead of the cached value. > > /andreas
While reading this thread I found my self wondering: Could this "some junk" be a flagging trough .. say a colour-change in the Admin-password field? .. or a small text appearing next to it informing the user? - Just a spark :) Gjermund Skogstad
