Re: Oracle characterset confusion when storing encoded passwords

From: Noons <wizofoz2k_at_yahoo.com.au>
Date: Tue, 5 Feb 2008 22:04:50 -0800 (PST)
Message-ID: <6d5028f0-570d-4213-8db8-75f04c52a1de@m34g2000hsf.googlegroups.com>

On Feb 5, 9:02 pm, 151 <ga..._at_my-deja.com> wrote:

> I was slightly wrong in my description in that the password is sent in
> the clear (!) to the DB at "user registration time" and then the DB

YeGawds! I hope that app server is not in a DMZ and the db server in an Intranet, otherwise that just about lets any hacker get those passwords cleanly and easily... Received on Wed Feb 06 2008 - 00:04:50 CST

This message: [ Message body ]
Next message: Guru: "REF CURSOR"
Previous message: Obakesan: "which platform to pick for a scratch self education server"
In reply to: 151: "Re: Oracle characterset confusion when storing encoded passwords"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message