Odp: AW: win2000 + unix
Steve Langasek
vorlon at netexpress.net
Thu Sep 28 15:44:21 GMT 2000
On Thu, 28 Sep 2000, Rafał Szcześniak wrote:
> Why don't you use encrypted passwords ???
> It's much, much safer.
This is misleading. Using encrypted passwords is much safer *from network
eavesdropping*. But like CHAP (one of Microsoft's other favorite protocols),
it requires storing plaintext passwords (or their equivalent) on the server,
making the server a much more valuable target for a cracker. If you offer
other services that use plaintext password exchange, then storing
plaintext-equivalent passwords on the server could weaken security rather
than strengthening it.
Steve Langasek
postmodern programmer
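
The storage trade-off described in the message above, as an added example that is not part of the original post. It uses HMAC-SHA256 and PBKDF2 as stand-ins, not the actual SMB or CHAP algorithms, and every function name and the sample password are hypothetical.

```python
import hashlib
import hmac
import os

def verifier(password: str) -> bytes:
    # Value a challenge-response server keeps per user (toy stand-in, assumption).
    return hashlib.sha256(password.encode()).digest()

def cr_response(stored: bytes, challenge: bytes) -> bytes:
    # The response depends only on the stored value and the challenge.
    return hmac.new(stored, challenge, hashlib.sha256).digest()

def cr_server_check(stored: bytes, challenge: bytes, response: bytes) -> bool:
    # The server recomputes the response from its own database entry.
    return hmac.compare_digest(cr_response(stored, challenge), response)

def salted_record(secret: bytes, salt: bytes) -> bytes:
    # Value a plaintext-exchange server keeps: a salted one-way hash.
    return hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)

def plaintext_server_check(record: bytes, salt: bytes, submitted: bytes) -> bool:
    # The server hashes whatever arrived on the wire and compares.
    return hmac.compare_digest(salted_record(submitted, salt), record)

def compare_models(password: str = "constructed-example-pw") -> dict:
    challenge, salt = os.urandom(16), os.urandom(16)
    cr_db = verifier(password)                      # challenge-response entry
    pt_db = salted_record(password.encode(), salt)  # salted-hash entry
    return {
        # A legitimate client derives the verifier from the password.
        "cr_password_login": cr_server_check(
            cr_db, challenge, cr_response(verifier(password), challenge)),
        # The database entry alone yields a valid response: it is
        # password-equivalent, so it needs the protection a password would.
        "cr_db_value_is_credential": cr_server_check(
            cr_db, challenge, cr_response(cr_db, challenge)),
        # The password itself crosses the wire in the plaintext exchange.
        "pt_password_login": plaintext_server_check(
            pt_db, salt, password.encode()),
        # Submitting the salted hash as the password is rejected.
        "pt_db_value_is_credential": plaintext_server_check(
            pt_db, salt, pt_db),
    }

if __name__ == "__main__":
    for name, value in compare_models().items():
        print(f"{name}: {value}")
```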