-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, Aug 09, 2006 at 04:40:09PM -0400, William L. Maltby wrote:
Having to stop the passwords on plaintext (on the ISP side) always makes me raise an eyebrow toward any place that offers CHAP as authentication. Then again, I always use different passwords everywhere, so that is not usually a big issue.
Same here, even in my own net (I have grandchildren: they can be "snoopy"). The darn trouble is trying to remember them all, including those for different 'net sites; all have a different password.
The plain text password didn't bother me so much as my connection was a dial-up Point-to-Point connection. One would need some special acces to intercept.
CHAP autentication send the "password" encrypted over the wire. The problem is how it is stored on the ISP server.
[]s
- -- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)