Odp: AW: win2000 + unix
rszczesniak at mis.com.pl
Thu Sep 28 15:53:38 GMT 2000
Steve Langasek <vorlon at netexpress.net>
Do: Rafał Szcześniak <rszczesniak at mis.com.pl>
DW: Robert Wieczorek <Robert.Wieczorek at Telelogic.de>,
samba-ntdom at us4.samba.org
Temat: Re: Odp: AW: win2000 + unix
On Thu, 28 Sep 2000, [iso-8859-2] Rafa³ Szcze¶niak wrote:
> Why don't you use encrypted passwords ???
> It's much, much safer.
This is misleading. Using encrypted passwords is much safer *from network
eavesdropping*. But like CHAP (one of Microsoft's other favorite
it requires storing plaintext passwords (or their equivalent) on the
Can you explain me then, where Samba stores plaintext passwords, when uses
encrypted passwords on the wire ?
making the server a much more valuable target for a cracker. If you offer
other services that use plaintext password exchange, then storing
plaintext-equivalent passwords on the server could weaken security rather
than strengthening it.
More information about the samba-ntdom