On Sun, 2010-10-17 at 23:17 -0430, Patrick O'Callaghan wrote: > On Mon, 2010-10-18 at 16:06 +1300, Victoria Spagnolo wrote: > > First, apologies for asking here, I have searched. Please, let me know > > where I should be reading or asking. > > I just found out that my ISP stores my password (POP account) as text > > and all the support people can see it and can change it. > > Is this normal? If not, what is and what question do I ask an ISP when > > deciding which one. > It sounds pretty dumb but IMHO it's more important to use SSL/TLS on > your POP connection than to worry about the password not being encrypted > on the server.
+1 Exposure over-the-wire is a much more significant issue. > With most server setups, support staff can do anything > they want to your account anyway and having a non plaintext password > will not stop them. +1 > I'm assuming that normal users can't log into the server and get a Shell > of course. _______________________________________________ evolution-list mailing list [email protected] To change your list options or unsubscribe, visit ... http://mail.gnome.org/mailman/listinfo/evolution-list
