I agree with Giszmo. These passwords should not be plain text. They should be stored in encrypted format in the text file, and transfered as that md5 string, rather than taking plain text, encrypting it, and sending.
And when you need the password to fill in the YOG login screen, perhaps instead implement a new "Login using last signed in account or relogin" type of thing. Regards Kieran On Sun, Oct 19, 2008 at 6:14 AM, Leo Wandersleb <[EMAIL PROTECTED]>wrote: > jon Neal wrote: > > The second one doesn't really have a solution, does it? That's just a > > security problem on the users side, so that would deal with them having > > a virus, nothing much can be done there. > > > > (not completely sure, because I haven't done tons of research in this > area.) > > > > if the stored password is not protected by a password itself > (password-manager) this can only be called insecure. > > > -- > Wer mir seinen Brief im verschlossenen Kuvert schicken möchte, kann das mit > diesem Schlüssel tun: > http://wiki.leowandersleb.de/index.php/Public_Key > > > _______________________________________________ > glob2-devel mailing list > [email protected] > http://lists.nongnu.org/mailman/listinfo/glob2-devel >
_______________________________________________ glob2-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/glob2-devel
