Re: [Evolution] my ISP and my password



On Sun, 2010-10-17 at 23:17 -0430, Patrick O'Callaghan wrote: 
On Mon, 2010-10-18 at 16:06 +1300, Victoria Spagnolo wrote:
First, apologies for asking here, I have searched. Please, let me know
where I should be reading or asking.
I just found out that my ISP stores my password (POP account) as text
and all the support people can see it and can change it. 
Is this normal? If not, what is and what question do I ask an ISP when
deciding which one.
It sounds pretty dumb but IMHO it's more important to use SSL/TLS on
your POP connection than to worry about the password not being encrypted
on the server.

+1  Exposure over-the-wire is a much more significant issue.

With most server setups, support staff can do anything
they want to your account anyway and having a non plaintext password
will not stop them.

+1

I'm assuming that normal users can't log into the server and get a Shell
of course.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]