mailing list archives
Re: store passwords securely in the internet
From: Patrick Cornelissen <cornelis () pcornelissen de>
Date: Mon, 12 Apr 2010 18:54:03 +0200
On Monday 12 April 2010 17:55:47 Adam Mooz wrote:
Because then the passwords are sent in the clear from the server to
the client. If someone were to MITM they could get whatever password
you requested, or worse is they'd get all your passwords. Too much
Arrgh, see below:
You should always transmit sensitive data encrypted or encapsulate it
in a secure tunnel like a VPN.
<cornelis () pcornelissen de> wrote:
Am Dienstag 06 April 2010 23:40:05 schrieb Andre Pawlowski:
I hope there is any use for this program and I'm glad if anyone of you
send me any critics or suggestions.
Why don't you en-/decrypt the password on the server and not on the
store the encrypted passwords and protect them.
It was too early in the morning... I wanted to write:
"Why don't you en-/decrypt the passwords on the client and not on the
store the encrypted passwords and protect them."
I somehow wrote server and meant client and vice versa...
(Definitively more coffee before writing mails...)
Mit freundlichen Gruessen, // Bye,
Description: This is a digitally signed message part.
Re: store passwords securely in the internet Patrick Cornelissen (Apr 12)
Re: store passwords securely in the internet Jan G.B. (Apr 12)
Re: store passwords securely in the internet Laurens Vets (Apr 13)