Michael Allen wrote:
> To be pedantically technical, this is no more safe than sending the password
> in plaintext. If you sent plaintext, someone snooping would see something
> like this:
A lot of people get confused about this. You will even see secure
hashes referred to as 1-way encryption. There is a use for hashing
passwords but it is for storage not transmission. It's fairly secure
for storage since you have no way of going backward from the stored
value. As you point out however hashing for transmission is useless.
--
Take a walk on the wild side: http://www.metronet.com/~gardner/
There is a road, no simple highway, between the dawn and the
dark of night. And if you go no one may follow. That path is
for your steps alone.
The Grateful Dead ("Ripple")
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
