Do I understand the code correctly if I read that you're now using the session key as a one-time-pad to encrypt/decrypt the password, and the password is never stored un-encrypted anywhere ?
-jf -- [email protected] https://inverse.ca/sogo/lists
- [SOGo] Secured session cookies Ludovic Marcotte
- Re: [SOGo] Secured session cookies Jan-Frode Myklebust
- Re: [SOGo] Secured session cookies Ludovic Marcotte
- Re: [SOGo] Secured session cookies Jan-Frode Myklebust
- Re: [SOGo] Secured session cookies Ludovic Marcotte
- Re: [SOGo] Secured session cooki... Jan-Frode Myklebust
- Re: [SOGo] Secured session c... Ludovic Marcotte
- Re: [SOGo] Secured sessi... Jan-Frode Myklebust
- Re: [SOGo] Secured sessi... Ludovic Marcotte
- Re: [SOGo] Secured sessi... Ludovic Marcotte
- Re: [SOGo] Secured sessi... Jan-Frode Myklebust
