10 Nov
2014
10 Nov
'14
2:27 p.m.
On Mon, Nov 10, 2014 at 09:18:15PM +0200, E.S. Rosenberg wrote:
... To me (someone who has been doing systemadmin/network admin/(web) development work) it seems like the most obvious thing in the world that I don't want my users passwords to be stored anywhere where me/any of my co-workers can get to them in cleartext and since root can get everywhere that means cleartext passwords belong nowhere.
Now I may be naive or have never tried to develop an AUTH protocol, so I am just very curious what the arguments are to store cleartext? Regards and thanks for the quick reply, Eli
Kerberos works well and does not require that cleartext passwords be stored on the server. Regards, Ken