just to make it clear (again, as I already wrote this in this thread):

It would b extremely simple to "hash" the passwords. Just call something

   (native "" "MD5" '(B . 16) Str (length Str) '(NIL (16)))

in two places (where the passwords are stored, and where they are compared)
and you are done.

I just believe that those minimal security advantages do not outweigh
the disadvantages, like not being able to send the password (via
encrypted mail of course :) to somebody who forgot it, or making the
wiki (which is also published in source form as a demo program) more
complicated than necessary.

- Alex

Reply via email to