Yes. 1. Read the manual sections concerning setting up new accounts with special emphasis on passwords. 2. When you thoroughly understand those matters, take the issue to the system administrator and/or management.
hth, Doug Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -- Albert Einstein On Wed, 12 Dec 2001 15:55:04 -0700, James McLaughlin wrote: >The new programmer for our company is not using the dataType "password" or >any encryption what so ever for our user accounts (accounts that our >customers use for getting into our system) in our database. > >Instead he is using the VarChar dataType. > >Can someone explain to me how I can exploit this and show them it is very >dangerous. > > > >Thanks > >James > >--------------------------------------------------------------------- >Before posting, please check: > http://www.mysql.com/manual.php (the manual) > http://lists.mysql.com/ (the list archive) > >To request this thread, e-mail <[EMAIL PROTECTED]> >To unsubscribe, e-mail <[EMAIL PROTECTED]> >Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php > --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php