On 19 Dec 2013 01:01:11 -0800, <[email protected]> wrote: > ---In firebird-support@{{emailDomain}}, <mark@...> wrote: > > On 18 Dec 2013 13:14:07 -0800, <hvlad@... mailto:hvlad@...> wrote: > >>> Besides the documented limitation that passwords are 8 characters > >>> (Firebird 3 will lift that limitation), the connection protocol is not >>>> encrypted meaning that people can sniff the traffic and determine the
> >>> password. > >> > >> Password is never passed over the wire in open form. It is encrypted by >>> client... > > > Yes, but that is still susceptible to a replay attack, so the fact that > > it > > is encrypted doesn't actually matter for someone with the will and > > means, > > You said above that *password* could be determined by sniffer. This is > not true and i said it. > I said nothing more. True, but as always, I am usually thinking from the perspective of the Jaybird implementation :) Mark
