>It's easy: he has READ to the db. He should have it. Why should he have it? Nobody needs read access to any password, copy, or back-up!
>Regarding passwords: no password is recorded in the db, but having the db he's able to use brute-force method to find the passwords. He wouldn't be able to brute-force mine! In my case, the term 'word' in password is a misnomer. I won't even tell you how I come up with mine, but letters in my case are rare, even in 'long' ones? - Ted MacNEIL [email protected] Twitter: @TedMacNEIL ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
