[Freeciv-Dev] Re: Passwd auth with MD5 hash
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
Hi!
>> [...] the owner of the save game file can always change the password
>> or hack the server to not hash it, so it doesn't add any security.
> It does in civserver.freeciv.org where password-based authentication
> would be very nice, while the savegames are published on the website.
I try write usable password authentication to FreeCiv, because while
my connection is closed, meanwhile other people can't join in my name...
DES or MD5 hash is very good for insecure usage, where I can't trust
in the server admin. The MD5 hash can't explain, except brutal force. If
I can join without password, or whichever password, then the server is
cracked, else server is good. Through the plain password transmission is
not enough secure (packet sniffing)... but enough secure of general
usage. The plain password in saved games is not secure IMHO.
--
Frank O'Yanco - Auth Gábor -=- Mobil/SMS +36203494743 /+36303687792
Age of The Penguin -=- SuSE Linux 7.1 -=- http://andromeda.rgstudio.hu
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Bernd Jendrissek, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Trent Piepho, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Reinier Post, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash,
Auth Gábor <=
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Trent Piepho, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Erik Sigra, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Trent Piepho, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Erik Sigra, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Trent Piepho, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Erik Sigra, 2001/08/21
- [Freeciv-Dev] Re: Passwd auth with MD5 hash, Paul Zastoupil, 2001/08/24
[Freeciv-Dev] Re: Passwd auth with MD5 hash, Gaute B Strokkenes, 2001/08/21
|
|
