RE: Question from a User

[Robin Mathews]

So true, but as a value added recommendation, I need to know if this is possible currently from the SQL database authentication features or is an additional cost involved (algorithm software)   Regards, Robin   -----Original Message----- From: Kupersmith, Steven [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 05, 2002 7:07 PM To: 'Kaplan, Jim'; '[EMAIL PROTECTED]' Subject: RE: Question from a User   There is only one way, passwords should be encrypted and should not be displayed in clear text by anyone. -----Original Message----- From: Kaplan, Jim [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 05, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: Question from a User An AuditNet user submitted the following question   We have an accounting application that shows all the user passwords in clear text when the delegated data owner (finance head- highest rights)invokes the option. what is the solution/mgmt. recommendation to mask the passwords (SQL database)?   Any IT auditors with an answer?