Subj : src/sbbs3/useredit.cpp
To   : Digital Man
From : deon
Date : Sun Mar 05 2023 08:47 pm

  Re: src/sbbs3/useredit.cpp
  By: Digital Man to deon on Sat Mar 04 2023 08:24 pm

 > Not clear how/why that would be better. It would certainly give the
 > impression of secure-password storage, but without the actual security. That
 > sounds to me "worse", not "better".

What was the motivation for unix developers to change /etc/passwd from having clear text passwords, to having DES crypt passwords? I'm sure at the time, folks didnt implement it becasue they thought it was "worse"?

 > There are several secure (non-plain text) authentication methods that
 > Synchronet supports which assume the server has access to the user password
 > in plain text, e.g. SSH password auth, HTTP digest auth, APOP, etc.

Anyway, I get it - for challenge reponse mechanisms, SBBS doesnt have a "password database" for each type in use - prefering to having a single store for the user's password.


....лоеп

---
 ю Synchronet ю AnsiTEX bringing back videotex but with ANSI

.