Am 30.12.2013 18:07, schrieb Graham Leggett: > On 30 Dec 2013, at 6:58 PM, Stefan Fritsch <[email protected]> wrote: > >> Does anyone disagree with the below change (not yet merged to 2.x >> branches)? There is a similar paragraph in howto/auth.xml that I >> intend to remove. > > I would say digest authentication is insecure because it (to my knowledge) > forces you to store the password in cleartext
clearly no [harry@srv-rhsoft:~]$ htdigest --help Usage: htdigest [-c] passwordfile realm username The -c flag creates a new file. does *not* store plaintext passwords
signature.asc
Description: OpenPGP digital signature
