It's more like a bug from Google. I retrieved the Google testing account just created to take a closer look. The retrieved field UserEntry.Login.HashFunction is null, which means Google stores the password as SHA-1 hashed but it won't remember the password hash is set true or not and just deal with the password as plain text.
On May 16, 3:02 pm, cutethree <[EMAIL PROTECTED]> wrote: > Hello, > > I created the account using SHA-1 hashed password. I'm sure Google > Provision API does checked the password to make sure it's SHA-1 hashed > because when I manipulate the hashed string, it returns error saying > the hashing diguest is invalid. If it's correct, Google takes it and > created the account successfully. > > After account creation, I login as the just created user to test. > Google won't allow me to login using the original password and the > "hashed string" logged me in. So Google doesn't deem the hashing > string as a hashing or what? > > Thanks, --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
