[Mailman-Users] multiple mailing list passwords
Peter Shute
pshute at nuw.org.au
Fri May 30 11:03:40 CEST 2014
> Tanstaafl writes:
>
>> It *does*...
>
> It does?? As you described it, he can let passwordmaker choose his
> password. But he says he can't do that. Or he can specify the whole
> password as the prefix, which is insecure. And AIUI that's not
> acceptable to him either, as far as I can see he's very concerned
> about security. So what's the third option that is both secure and
> allows use of the current password?
>
> As far as I can see, you're just saying the requirements are stupid.
> I tend to agree (for several reasons), but unfortunately it's also
> common that one needs to follow them anyway, and AFAICS the OP is in
> that situation.
>
>> now who is missing what?
>
> I could very easily be missing something that nobody has put into
> words yet, of course.
Explained in an earlier message:
> "Yes... you can force it to use a previously established password that
> you don't want to change by simply creating an account for the URL,
> setting a password length of the exact length of the current password,
> then entering the password into the prefix field.
>
> This isn't very secure, because the password is then stored inside the
> .rdf file, but it will work."
>
So you are correct about it not being secure. How insecure, I don't know. Is this rdf file encrypted? Do you need a master password to use it?
I expect all the Apple quoting will vanish from the text above, I hope you can work out what's quoted and what's not.
Peter Shute
More information about the Mailman-Users
mailing list