Forum OpenACS Q&A: Re: Password in ClearText

17: Re: Password in ClearText (response to 1)

Posted by Andrew S on 10/31/03 09:59 PM

Tom, it is possible that I am confused, but I am not confused about the name and password being sent in clear text over the network. What I am talking about are ways to avoid that. I am not talking at all about what happens after that, e.g., user groups.

18: Re: Password in ClearText (response to 17)

Posted by bill kellerman on 10/31/03 10:23 PM

hi andrew.

i think the point is that the standard method of protecting data sent over the network is ssl. it may not be ideal, but it works, many people use it, and it doesn't have outrageous requirements of the client.

this is a common problem though, so if you have some suggestions of how you'd solve it or some more information or examples then it might help you to learn how things are working, in what direction they are going, and improvements that could be made to better suit what you're asking for.