Date: Mon, 3 Nov 1997 15:55:58 -0800 (PST) From: Sean Eric Fagan <sef@Kithrup.COM> To: hackers@freebsd.org Subject: Re: Password verification (Was: cvs commit: ports/x11/kdebase - Imported sources) Message-ID: <199711032355.PAA07369@kithrup.com> In-Reply-To: <199711032102.TAA09231.kithrup.freebsd.hackers@gaia.coppe.ufrj.br> References: <Pine.BSF.3.95q.971103100454.20666A-100000@misery.sdf.com> from Tom at "Nov 3, 97 10:07:24 am"
next in thread | previous in thread | raw e-mail | index | archive | help
In article <199711032102.TAA09231.kithrup.freebsd.hackers@gaia.coppe.ufrj.br> you write: >Or, maybe, that a GROUP of uids could see every other password. >It is a way of thinking, and may be useful too. The proper way to do this is with Kerberos. *duck* Okay, but kerberos does provide a usable model, and it's already in the system. It doesn't let you see the encrypted password, but it does let you check to see whether a password matches. (And it doesn't send the password out in clear-text over the wire, either.)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711032355.PAA07369>