> Tanstaafl writes: > >> It *does*... > > It does?? As you described it, he can let passwordmaker choose his > password. But he says he can't do that. Or he can specify the whole > password as the prefix, which is insecure. And AIUI that's not > acceptable to him either, as far as I can see he's very concerned > about security. So what's the third option that is both secure and > allows use of the current password? > > As far as I can see, you're just saying the requirements are stupid. > I tend to agree (for several reasons), but unfortunately it's also > common that one needs to follow them anyway, and AFAICS the OP is in > that situation. > >> now who is missing what? > > I could very easily be missing something that nobody has put into > words yet, of course.
Explained in an earlier message: > "Yes... you can force it to use a previously established password that > you don't want to change by simply creating an account for the URL, > setting a password length of the exact length of the current password, > then entering the password into the prefix field. > > This isn't very secure, because the password is then stored inside the > .rdf file, but it will work." > So you are correct about it not being secure. How insecure, I don't know. Is this rdf file encrypted? Do you need a master password to use it? I expect all the Apple quoting will vanish from the text above, I hope you can work out what's quoted and what's not. Peter Shute ------------------------------------------------------ Mailman-Users mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
