-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SSL. Once the conversation is encrypted to your satisfaction, you can use
plaintext passwords and avoid whatever it is you don't like about the
hashing methods.
- --
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software
Apache MD5 hashes are refolded in such a way that they are expected but not
proven to be less breakable than a straight MD5 hash, and most certainly
expected to be less reducable than direct MD5 collision prediction.
However, a straight (not refolded) flavor of SHA1 is also available and you
woul
A question regarding httpd authentication. Currently I am using the default base64 method, which I believe is insecure. Also only the first 8 characters of our passwords are actually encrypted. We have several scripts which verify passwords from the htpassword file. Mostly using the perl pa