* In what circumstances was an attack possible?
ie. What combination of modules, options, auth methods.
* You use Catalyst::Authentication::Credential::Password.
* With the hashed password_type.
* And your database is compromised.
* Which versions were vulnerable, and if any, at what
On 08/04/10 16:21, Andrew Rodland wrote:
* In what circumstances was an attack possible?
ie. What combination of modules, options, auth methods.
* You use Catalyst::Authentication::Credential::Password.
* With the hashed password_type.
* And your database is compromised.
I'd like to
Toby Corkindale toby.corkind...@strategicdata.com.au writes:
On 08/04/10 16:21, Andrew Rodland wrote:
* In what circumstances was an attack possible?
ie. What combination of modules, options, auth methods.
* You use Catalyst::Authentication::Credential::Password.
* With the hashed
On 08/04/10 22:49, Daniel Pittman wrote:
Toby Corkindaletoby.corkind...@strategicdata.com.au writes:
On 08/04/10 16:21, Andrew Rodland wrote:
* In what circumstances was an attack possible?
ie. What combination of modules, options, auth methods.
* You use
On Thursday 08 April 2010 08:12:24 pm Toby Corkindale wrote:
On 08/04/10 22:49, Daniel Pittman wrote:
...but your lost database *also* exposed user account/password pairs,
which can now be tried against other services, since people usually use
the same weak password and username all over
Gah, I posted the wrong URL.. If only we moved our mailing list to
AOL, I could undo the send.
http://github.com/EvanCarroll/Catalyst-Plugin-Authentication
Anyway, that's the repo -- Find the commits here:
http://github.com/EvanCarroll/Catalyst-Plugin-Authentication/commits/master
I'm not sure