On Mon, Oct 27, 2008 at 03:51:49PM -0700, Darren Duncan wrote:
> Zbigniew Lukasiak wrote:
> > * Your passwords are stored in the 'password' field in your users
> >table and are not encrypted.
>
> This is always a bad idea. If someone ever gets direct database access,
> they now know each user's mindset as to how they choose passwords
This is the catalyst list, not the "stating the fucking obvious" list.
--
Matt S Trout Need help with your Catalyst or DBIx::Class project?
Technical Director http://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://chainsawblues.vox.com/ http://www.shadowcat.co.uk/servers/
_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
