[rt-users] question about password encryption
Lawrence Lee
llee at mail.ivillage.com
Wed Aug 23 14:38:09 EDT 2000
well, suboptimal (sending passwords in plaintext over http) but one workaround we
use is to install RT on an https server. it doesn't protect the plaintext
passwords in the database any more but with some standard system hardening it's
better than nothing.
Jesse wrote:
> Known deficiency in rt 1.0. That binary file is only readable by root.
> and the passwords are sent in cleartext over http. it's all quite suboptimal.
> rt2 will be better about this.
More information about the rt-users
mailing list