On Nov 4, 2005, at 21:26 , Bert Freudenberg wrote:
>
> Besides, the username/password is transmitted over the internet  
> unencrypted, using HTTP basic authorization, so you shouldn't use  
> valuable passwords anyway. Also, squeaksource stores those plain- 
> text passwords unencrypted.

That's not correct. We decided to store a hash (SHA) of the password  
in SqueakSource rather than plain-text.

Adrian