I'm not sure it works completely yet (I heard you can use MD5s in htaccess passwd file, but not config/passwd yet..), but passwords in htaccess passwd file and eventually the config.passwd file will be stored in MD5 hash, the advantage being that other systems can use the same hash string to authenticate users since MD5 is a 'standard'. Its basically similar to Unix Crypt in that sense. A noteable advantage is that there is a javascript which will MD5 a users password from a form before its transmitted over the network, making things a liitle more secure over non-ssl connections...
http://pajhome.org.uk/crypt/md5/index.html I'm pretty sure you can set one of the options to 'true' Use Unix, Use, NT auth, Use MD5.. -Ken Jim Burns wrote: > In the latest preview, I see a new addition in the config.ini. In the > [http] section we now have, "Use MD5 crypt = false" as well as, "Use > Unix crypt = true". Do we use one or the other or both? Can anyone out > there enlighten me on this? TIA Jim > -------------------------------------------------------------------------------- > For unsubscription of this list send an email to [EMAIL PROTECTED] > with email data containing unsubscribe emailadd sambar -------------------------------------------------------------------------------- For unsubscription of this list send an email to [EMAIL PROTECTED] with email data containing unsubscribe emailadd sambar
