Subject: Re: SASL auxprop mysql plugin question
From: Branko F. Gracnar (bfg at noviforum dot si)
Date: Mon Apr 21 2003 - 18:10:48 EDT
> awhile back and didn't have very much luck. But, I
> noticed that even with the md5 hashed records in the
> database, security wasn't really improved. What I
All queries to database are SSL encrypted.
Let's say, that you steal entire database, including passwords. If passwords
are in clear text, you can easily use them. If they are hashed and if
passwords are good (relatively complex), you will need pretty strong
machines to crack them in time, that they are still usable...
And another reason, why i want hashed passwords - i'm migrating from
existent database to mysql db and i cannot ask users to reset their