On Wed, 6 Jun 2001, Evan Simpson wrote:
From: "Jerome Alet" <alet@unice.fr>
Of course for every new user or every password change, store the password in an encrypted form (MD5 will do).
The patch should be a one (or two) liner (although I've not verified) and should be transparent for everyone.
Keep in mind that there's a price to be paid, here. Since HTTP is connectionless, interacting with Zope requires re-authenticating on every request. If you're going to have a lot of requests that require authentication, you want it to be computationally inexpensive. On the other hand, if the only people logging in are a few developers, it's not a problem.
You're right. So why not make it an option (not reversible) which would default to the safe "passwordhash=YES", and which would allow computationally intensive sites (many authenticated requests a day) to disable it knowingly after having properly secured access to Data.fs AND Data.fs.old. This would also prevent any problem with the hypothetical existing products which expect unencrypted passwords, until they are corrected.

bye,

Jerome Alet
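The trade-off the two posters discuss above, as an added example that is neither Zope's code nor either poster's: a hypothetical `UserFolder` with a `passwordhash` option that defaults to on, stores a salted hash instead of the password, verifies on every request (HTTP carries no session here), and exposes a work factor so the per-request cost can be measured. PBKDF2-SHA256 stands in for the MD5 the thread mentions; the structure, not the digest, is the point.

```python
import hashlib
import hmac
import os
import time

# Hypothetical stand-in for a Zope user folder; not Zope's own code.
class UserFolder:
    """Stores credentials either as plaintext (the pre-patch behaviour the
    thread describes) or as a salted hash (the proposed 'passwordhash=YES')."""

    def __init__(self, passwordhash=True, iterations=100_000):
        self.passwordhash = passwordhash
        self.iterations = iterations   # work factor: CPU per check vs. cracking cost
        self._users = {}               # name -> stored record (what Data.fs would hold)

    def _hash(self, password, salt):
        # Salted PBKDF2-SHA256 in place of the thread's MD5 (assumption, see lead-in).
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.iterations)

    def set_password(self, name, password):
        if self.passwordhash:
            salt = os.urandom(16)
            self._users[name] = ("hash", salt, self._hash(password, salt))
        else:
            self._users[name] = ("plain", password)

    def authenticate(self, name, password):
        """Re-run on every request, since HTTP is connectionless."""
        rec = self._users.get(name)
        if rec is None:
            return False
        if rec[0] == "plain":
            return hmac.compare_digest(rec[1], password)
        _, salt, digest = rec
        return hmac.compare_digest(digest, self._hash(password, salt))

    def stored_record(self, name):
        """What anyone who can read Data.fs (or Data.fs.old) sees for this account."""
        return self._users[name]

def reveals_password(folder, name, password):
    """True if the raw stored record contains the password itself."""
    return any(f == password for f in folder.stored_record(name) if isinstance(f, str))

def auth_cost_seconds(folder, name, password, rounds=5):
    """Average wall-clock cost of one authentication: the price Evan points at."""
    start = time.perf_counter()
    for _ in range(rounds):
        folder.authenticate(name, password)
    return (time.perf_counter() - start) / rounds
```

Raising `iterations` makes `auth_cost_seconds` grow while `reveals_password` stays false; setting `passwordhash=False` makes the check cheap but puts the password itself in the stored record.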