Chuck wrote: >> it's a higher level of security (through obscurity) No. Through added complexity (more bits of information required), not obscurity. Obscurity is a pitiful basis for security, and I know you guys know better than that.
:) Regards, Eric Longman Atl-Connect Internet Services +-------------------------------------------------------+ | Atl-Connect Internet Services http://www.atlcon.net | | 3600 Dallas Hwy Ste 230-288 770 590-0888 | | Marietta, GA 30064-1685 [EMAIL PROTECTED] | +-------------------------------------------------------+ ----- Original Message ----- From: "Charles Daminato" <[EMAIL PROTECTED]> To: "Fagyal Csongor" <[EMAIL PROTECTED]>; "Frank Michlick" <[EMAIL PROTECTED]>; "klaus rubba" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, March 13, 2002 9:47 AM Subject: RE: reg_username and reg_password When you want to associate multiple domains into the same profile, using just the password isn't enough, since we'd have to ensure any password that's previously used (and isn't *your* profile) isn't duplicated. And for security reasons, if we use just domain/password, there's already one public piece of information for access to the domain. With a username it's a higher level of security (through obscurity) Charles Daminato OpenSRS Product Manager Tucows Inc. - [EMAIL PROTECTED]
