comment on

Passing the password as an MD5 hash isn't any better than passing it in the clear, if it weren't done over SSL. Just thought I'd point it out and make it explicit.

I've done something similar in the past. If we wanted to be truly paranoid we'd implement S/Key. (I wish I had my JavaScript S/Key implementation working, maybe someday...).

UPDATE: Some reading on S/Key; RFC 1938, RFC 2289

-- perl -pe "s/\b;([st])/'\1/mg"

In reply to Re: Web based password management (or how *not* to blame tye) by belg4mit
in thread Web based password management (or how *not* to blame tye) by maverick

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


Your skill will accomplish what the force of many cannot
	PerlMonks