RE: [Zope] Security glitch on user-editing form
Any one-way encryption method will work, but why not modularized authentication support? Something that would permit you to use anything from one-way encryption to Kerberos to LDAP, but not necessarily just a fixed algorithm. LDAP is an interesting possibility, but I don't like the idea of being stapled to LDAP -- it's overkill for most installations.

Alexander Staubo
http://www.mop.no/~alex/
mailto:redhand@mop.no
-----Original Message-----
From: Rob Page [mailto:rob.page@digicool.com]
Sent: 11. mai 1999 22:10
To: 'Alexander Staubo'
Cc: 'zope@zope.org'
Subject: RE: [Zope] Security glitch on user-editing form
I just found that Zope presents the user-editing form (manage_users) with the password in plaintext. That's a bit crude.
As an example of our Open Source business model a current customer is rather interested in LDAP and has asked us to develop some Zope integration for it. LDAP stores the _hash_ of users' passwords (e.g., crypt, MD5, SHA). Our LDAP effort will be very sensitive to this approach.
What are people's thoughts on storing password hashes instead of the plaintext password? Of course, it would become impossible to offer the "You Forgot Your Password For the Fifteenth Time" email messages...
Idea? Comments?
--Rob