Found, a new rootkit
Paul Howarth
paul at city-fan.org
Fri Apr 7 09:19:36 UTC 2006
Tim wrote:
> Les Mikesell:
>>> How do you prevent re-use without keeping plain text or reversibly
>>> encrypted copies of the old ones laying around waiting to be
>>> stolen?
>
> If you're storing *old* passwords that you don't want people to use
> again, would it matter if they're stored as plain text? I would imagine
> that you could just add them to a banned passwords list.
Given that people habitually use the same passwords in lots of places,
storing old passwords in plain text is probably not a great idea, as
what's an old password in one place might be a current password
somewhere else.
Paul.
More information about the fedora-list
mailing list