On 5/25/06, Ulrich Staudinger <[EMAIL PROTECTED]> wrote:
Right. I just would have like to have it standardized. But yes, you are correct, simply altering a client should be very fine for a single service.
Just provide a tiny md5 calculator for the users :-) Tell them they need to run their password via the tool to generate the jabber password :-P
However, as community software usually stores passwords in md5, most other communitys can't simply plug in a jabber server for the said reasons.
mmm, sucks. There's no good reason to store passwords as *unsalted* md5 these days. There's a good reason to use some sort of salt. username:realm: seems like a good salt to use, but it does require that _all_ forums you want to plugin to implement it. The best suggestion is to use plain combined with tls/ssl (which is probably a good idea anyways). If you're using any sort of external auth (ldap, pam) then you have to use plain anyways. -- - Norman Rasmussen - Email: [EMAIL PROTECTED] - Home page: http://norman.rasmussen.co.za/