On Wed, Dec 29, 2010 at 09:04:28AM -0500, Ludovic Marcotte wrote: > On 10-12-28 7:55 PM, Ludovic Marcotte wrote: > > [snip] > >For 3 and 4, we could as you suggested store a SHA (or whatever) > >version of the cleartext password in memcached that we would have > >got during the very first call and then, upon subsequent calls, > >compute again the deduced value and compare those hashes instead > >of going to the LDAP server (or SQL server if using SQL-based > >authentication). > > Done.
And since 1&2 didn't have any plaintext passwords in SOGo, all plaintext storage of passwords are now gone ? Wow, great! Thank you! -jf -- [email protected] https://inverse.ca/sogo/lists
