RE: [fw-wiz] Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw)

From: Barry A. Warsaw (barry@zope.com)
Date: 08/05/02


To: "Paul D. Robertson" <proberts@patriot.net>, Ousmane Wilane <wilane@cyg.sn>, <firewall-wizards@honor.icsalabs.com>
From: barry@zope.com (Barry A. Warsaw)
Date: Mon Aug  5 12:04:00 2002


>>>>> "BAW" == Barry A Warsaw <barry@python.org> writes:

>>>>> "PDR" == Paul D Robertson <proberts@patriot.net> writes:

    PDR> If the Web or mail command allows a password fetch, wouldn't
    PDR> a link to the password fetching page be better than sending
    PDR> the actual password?

    BAW> Perhaps. It's an interesting idea.

Of course, I just realized that the password reminder /does/ include a
link to the page with the Remind button. So all the monthly reminder
would have to do is suppress the actual password. I'd probably do
this as a per-user option, i.e. "No" (don't send), "Yes" (send), "Yes,
but obscure" (send the reminder but without the password).

-Barry

