> > But encrypting them creates only an illusion of safety.
> I didn't suggest encrypting them but using hash+salt!
Yes, of course. That's nitpicking. Please excuse that I didn't pay
attention to the terminology.
> 1) the whole discussion about acknowledging that some data are more
> confidential than others. You obviously don't think so.
No, precisely because normally the _data_ in a database are much more
valuable than the passwords.
> > It is ridiculous if we talk about allowing changing passwords and/or
> > sending them via unencrypted mails, and at the same time make so much
> > fuss about hiding them within the machine.
> Again, I am strongly against sending passwords via e-mail. If you don't
> store the passwords in the first place, there is no way to send them
You should read the discussion in this thread carefully. We had
suggestions to generate short-term passwords and send them by mail.
> protected. From the point somebody gets hold of your database your
> system is completely unprotected. And confidential databases leak all
Again: If somebody gets hold of the database, everything is lost. This
is what must be avoided, and not eyewashing by pretending a false
> And confidential databases leak all the time.
Really?! Probably because they relied on their encrypted (sorry:
hashed!) passwords :-D
> The thing I suggested would give protection to passwords even
> if somebody got hold of the database.