[plug] ISPs storing plain-text passwords...
Bret Busby
bret at clearsol.iinet.net.au
Tue Aug 7 14:04:33 WST 2001
On Tue, 07 Aug 2001, Jeremy Malcolm wrote:
> > This is not the point... I don't care where it is stored... I don't
> > agree that it should be stored in plain-text... I don't believe that
> > anyone other than myself should need to know my password... and
> > therefore it should not be stored anywhere in plain-text...
>
> If the ISP supports CHAP authentication, then it has to be stored in
> plain text. It is, literally, part of the spec (RFC 1994).
>
Ah, yes, but, because it is the law, does not make it right...
;)
Bret Busby
.............
More information about the plug
mailing list