Accounts.xml stores passwords in plain text.
Daniel Atallah
daniel.atallah at gmail.com
Tue Dec 18 13:38:47 EST 2007
On Dec 18, 2007 1:32 PM, Ka-Hing Cheung <khc at hxbc.us> wrote:
> On Tue, 2007-12-18 at 01:38 -0500, Mark Doliner wrote:
> > That's certainly possible. It's not really something users should have
> to
> > deal with, though. I'd rather just try md5 and if that fails then fall
> back
> > to XOR.
>
> I don't think silently drop to a known to be insecure authentication
> mechanism is a good idea.
I tend to agree with this.
In this case, it is really no worse than the current behavior, but if we are
changing something, we might as well do it right.
-D
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/devel/attachments/20071218/3d432850/attachment.html>
More information about the Devel
mailing list