[Phpgroupware-users] security/passwords

phpgroupware-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phpgroupware-users] security/passwords

From:	Ralf Utermann
Subject:	[Phpgroupware-users] security/passwords
Date:	Wed, 26 Mar 2003 10:41:55 +0100
User-agent:	Mutt/1.4i

Hi,

two questions concerning passwords in phpgw:

- it looks like phpgw keeps the passwords' md5-hash in its
  phpgw_accounts table even if I authenticate against email.
  In this case I would prefer that phpgw doesn't keep it -- is
  this configurable somewhere?

- The users' passwords during a session are kept in the
  the kp3 cookie, right? How does the encrypt/decrypt work? 
  If I never use an application like email (and thus, the 
  password is never needed) does phpgw nevertheless store it
  in the cookie? Could one add an option to set set 'secure flag'
  on this cookie?

Bye, Ralf
-- 
        Ralf Utermann
_____________________________________________________________________
        Universität Augsburg, Institut für Physik   --   EDV-Betreuer
        Universitätsstr.1             
        D-86135 Augsburg                     Phone:  +49-821-598-3231
        SMTP: address@hidden         Fax: -3411

[Prev in Thread]

Current Thread

[Next in Thread]

[Phpgroupware-users] security/passwords, Ralf Utermann <=
- Re: [Phpgroupware-users] security/passwords, Chris Weiss, 2003/03/26
  - Re: [Phpgroupware-users] security/passwords, Ralf Utermann, 2003/03/26
- Re: [Phpgroupware-users] security/passwords, Chris Weiss, 2003/03/26
  - Re: [Phpgroupware-users] security/passwords, Ralf Utermann, 2003/03/27

Prev by Date: Re: [Phpgroupware-users] default settings for new users
Next by Date: Re: [Phpgroupware-users] calendar app
Previous by thread: [Phpgroupware-users] proper upgrade method?
Next by thread: Re: [Phpgroupware-users] security/passwords
Index(es):
- Date
- Thread