Odp: AW: win2000 + unix

Steve Langasek vorlon at netexpress.net
Thu Sep 28 15:44:21 GMT 2000


On Thu, 28 Sep 2000, [iso-8859-2] Rafa³ Szcze¶niak wrote:

> Why don't you use encrypted passwords ???
> It's much, much safer.

This is misleading.  Using encrypted passwords is much safer *from network
eavesdropping*.  But like CHAP (one of Microsoft's other favorite protocols),
it requires storing plaintext passwords (or their equivalent) on the server,
making the server a much more valuable target for a cracker.  If you offer
other services that use plaintext password exchange, then storing
plaintext-equivalent passwords on the server could weaken security rather
than strengthening it.

Steve Langasek
postmodern programmer





More information about the samba-ntdom mailing list