Read and respond to this message at: https://sourceforge.net/forum/message.php?msg_id=4211080 By: deryni9
If the token you need to present to the server is the hash (which you have stored in the accounts.xml file) then that hash *is* your password, in the same way the current 'normal' password is your password. It is the literal string that a person would need to steal in order to log in as you. Think about this, what if right now whenever you needed to create a new password, you ran a hash over it first and then used that, would your resulting accounts.xml look any different than if gaim did the hashing of your 'normal' password and then stored it? And of course the hash changes all the time or it wouldn't secure anything. Anyone listening on the network would get *exactly* what they need to log in as you, which no matter which way you slice it *is* your password. ______________________________________________________________________ You are receiving this email because you elected to monitor this forum. To stop monitoring this forum, login to SourceForge.net and visit: https://sourceforge.net/forum/unmonitor.php?forum_id=665 ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Gaim-forums mailing list Gaim-forums@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gaim-forums
