[JDEV] Account information storage, plaintext?

Richard Dobson richard at dobson-i.net
Mon Sep 15 16:38:57 CDT 2003

> > > Maybe I'm missing something obvious, but what is the harm in
> > > encrypting/hashing/obfuscating them?  It seems bad form to have
> > > plain text passwords stored anywhere when there is some sort of
> > > alternative (even if it's not a particuarly good one).  The only con
> > > I can possibly think of is that it might give the admin a false
> > > sense of security - but I can't see that as a major issue, and
> > > probably one that can be addressed in the documentation.
> >
> > Of course two way reversable encryption is certainly an option instead
> > of just storing the bare plain text password, but the original message
> > author was advocating the use of non reversable hashes,
> AFAIK, I was the original author of this thread , and I did no such
> thing.  Were you referring to someone else?  I simply asked if anyone
> else saw the plaintext storage as a problem.

Sorry I meant the original author of the line of questioning, Bart I


More information about the JDev mailing list