[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Moving to a central db

Subject: Re: Moving to a central db
From: "Christopher Murtagh" <..hidden..>
Date: Fri, 3 Nov 2006 13:29:24 -0500

On 11/3/06, Chris Travers <..hidden..> wrote:

I was thinking about this....

Wondering if it would be easier to have a "convert account" screen
that we could have that would allow people to convert their accounts
on first login, so we don;t have to force a password reset for all
users.


That might not be a bad idea. I also forgot to mention that the
dbpassword also needs this same treatment (as it's packed in the .conf
file), but it's stored in plain text in the users_conf table (security
via obscurity is dumb, security via pack/unpack is even dumber :-).

Cheers,

Chris

References:
- Moving to a central db
  - From: Christopher Murtagh
- Re: Moving to a central db
  - From: Chris Travers

Prev by Date: Re: Moving to a central db
Next by Date: Re: Moving to a central db
Previous by thread: Re: Moving to a central db
Next by thread: Re: Moving to a central db
Index(es):
- Date
- Thread