[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL secrets in LDAP

   Date: Mon, 06 May 2002 17:14:03 -0700
   From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
   Cc: <openldap-devel@OpenLDAP.org>

   At 05:02 PM 2002-05-06, Howard Chu wrote:
   >For many good reasons, we discourage the storage of plaintext passwords in

   Yes, but if userPassword is plaintext (as it really should be, see
   RFC 2256), then we can certainly use it for DIGEST-MD5.

Also, remember that the DIGEST-MD5 password hash is sufficient for
authentication (it is not a one-way hash like /etc/passwd).