General Password questions
Aahz
aahz at pythoncraft.com
Thu Oct 2 09:27:17 EDT 2003
In article <k5pjnvs6asl5407prag8e143hq2c7ferm3 at 4ax.com>,
G.A. <gafStopSpamData at ziplink.stopallspam.net> wrote:
>
>Better late than never: The only way to do this securely is to rely on
>the operating system's security, and even that isn't always possible.
>I think the NT/W2K model allows for encryption based on keys that
>only the specific user can use (i.e. you have to actually be logged
>in as that user; I'm not sure if the adminstrator can fake it). This
>won't work on 9X. On UNIX, a close approximation is to just store
>the password in a file to which only the user has read access, but
>obviously root will still have access.
Exactly, and too many users don't properly secure their machines.
>Note that if the application supports multiple mail accounts for a
>single user (as many do), then it becomes useful to have a single
>password for the application, used to encrypt the various passwords for
>the different mail accounts.
That's better.
--
Aahz (aahz at pythoncraft.com) <*> http://www.pythoncraft.com/
"It is easier to optimize correct code than to correct optimized code."
--Bill Harlan
More information about the Python-list
mailing list