Re: [newbie] Why is my login pass to my ISP not encrypted?
Having worked at an ISP previously, those sort of userID and passwds aren't seen as something to important to hid to them. However most ISPs do use PAP which is more secure, but can still be hacked by somebody with the knowledge. Another reason why ISPs encourage passwd changes, especially for dial up users on a regular basis. Some use CHAP, but very few use passwd encryption. You being an ADSL user, I wouldn't even worry honestly. You send your passwd across so fast, a user would have to have some serious hardware to really pluck that passwd out of transmission. For dial in users, it's more of an issue, but real crackers just hack the /etc/passwd and passwd files on the auth server, so it doesn't matter what you send your passwd as. :0) tdh T. Holmes Unixtechs.org [EMAIL PROTECTED] "Real Men use Vi." * Anthony [EMAIL PROTECTED] [010402 20:29]: | I was looking at etc/sysconfig/draknet.adsl_pppoe and my username and pass to | login to my ISP account was in plain text, viewable by anyone..Is this | normal?
[newbie] Why is my login pass to my ISP not encrypted?
I was looking at etc/sysconfig/draknet.adsl_pppoe and my username and pass to login to my ISP account was in plain text, viewable by anyone..Is this normal?
Re: [newbie] Why is my login pass to my ISP not encrypted?
I was looking at etc/sysconfig/draknet.adsl_pppoe and my username and pass to login to my ISP account was in plain text, viewable by anyone..Is this normal? Yes, slip ppp (pppoe) are not encrypted. There is another log-in protocol, older (I forget just now what that is), which is, but, as I understand it that was never standardized. A friend of mine who runs a large user isp, my Web host, told me long ago when I'd realized what you have that it's not considered that important. Particularly, since one is ~supposed~ to change one's password regularly. Meph -- "I did this 'cause Linux gives me a woody." -Dave '-ddt-' Taylor, announcing DOOM for Linux
Re: [newbie] Why is my login pass to my ISP not encrypted?
On Monday 02 April 2001 19:43, you wrote: I was looking at etc/sysconfig/draknet.adsl_pppoe and my username and pass to login to my ISP account was in plain text, viewable by anyone..Is this normal? Yes, slip ppp (pppoe) are not encrypted. There is another log-in protocol, older (I forget just now what that is), which is, but, as I understand it that was never standardized. A friend of mine who runs a large user isp, my Web host, told me long ago when I'd realized what you have that it's not considered that important. Particularly, since one is ~supposed~ to change one's password regularly. Meph Thanks U for the reply Meph, I was a little concern..
