[JDEV] Account information storage, plaintext?

Tijl Houtbeckers thoutbeckers at splendo.com
Fri Sep 12 17:31:54 CDT 2003

"Jamin W. Collins" <jcollins at asgardsrealm.net> wrote on 13-9-2003 
>Agreed, but I was thinking more of the end users using public Jabber
>servers.  These users are giving their login and password to the Jabber
>Server admin(s) for each IM network when they register with a transport
>on these servers.  I'm not saying I have a better idea, but this seems
>like a rather large hole waiting to be exploited.

I think most "average" users tend to reuse the same password a lot 
anyway, so the password from their jabber account is probably the same 
as for those networks in a lot of cases. So you have to trust your 
server admin anyway. 

There is one solution ofcourse if you don't want to give any forgein IM 
network passwords to the admin, just convince all your contacts to 
switch to Jabber ;) 

Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands

More information about the JDev mailing list