MC passwords in images?
Adrian Lienhard
adi at netstyle.ch
Fri Nov 4 21:22:13 UTC 2005
On Nov 4, 2005, at 21:26 , Bert Freudenberg wrote:
>
> Besides, the username/password is transmitted over the internet
> unencrypted, using HTTP basic authorization, so you shouldn't use
> valuable passwords anyway. Also, squeaksource stores those plain-
> text passwords unencrypted.
That's not correct. We decided to store a hash (SHA) of the password
in SqueakSource rather than plain-text.
Adrian
More information about the Squeak-dev
mailing list
|