[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [glob2-devel] YOG hosting/diagnosis
|
From: |
Leo Wandersleb |
|
Subject: |
Re: [glob2-devel] YOG hosting/diagnosis |
|
Date: |
Sun, 17 Jul 2011 01:34:56 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110424 Thunderbird/3.1.10 |
Hi,
@stephane: thanks for checking the hashing.
@othniel, valentin: YOG has rudimentary user scoring. this would be flawed
without passwords.
@jannis: as it is not about putting the data on a public server i would be fine
with giving it to othniel or whoever manages and is willing to run the yog
server (running the server can be done before transmitting the data).
i would consider an SHA1-hash sufficiently strong as cracking it would yield a
certain amount of criminal energy that would not be needed with plain text
passwords. in the end we would need to trust the host, anyway as no matter how
much salt we use the admin of the user db will be able to brute force passwords.
Regards,
Leo Wandersleb
- [glob2-devel] YOG hosting/diagnosis, Othniel Graichen, 2011/07/15
- Re: [glob2-devel] YOG hosting/diagnosis, Leo Wandersleb, 2011/07/15
- Re: [glob2-devel] YOG hosting/diagnosis, Stéphane Magnenat, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Jannis Froese, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Austin H, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Baptiste, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Othniel Graichen, 2011/07/16
- Re: [glob2-devel] YOG hosting/diagnosis, Lukasz Dobrogowski, 2011/07/17
- Re: [glob2-devel] YOG hosting/diagnosis,
Leo Wandersleb <=