On Wed, 19 Oct 2011 19:41:33 +0200, Thomas Steinmaurer <t...@iblogmanager.com> wrote: >> 19.10.2011 15:31, Mark Rotteveel wrote: >>> True, but if it were possible, this is something where the balance >>> between >>> convenience and security should tip to security. >> >> Audit log is kept on the server. If a malefactor has access to >> server, there is no >> point to lock the door - horse is already away. > > Not with a user trace as the client receives the data.
And the assumption is incorrect that passwords sent to a specific server are always for services provided by that specific server, and people with access to logs are not always people who have (full) access to the entire server. Mark ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Ciosco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
