Re: Passwords logging

From: Bob Castillo (
Date: 02/02/00

        If ever there's a security issue about logging password... to check double
account or whatever...
        Maybe, it could be smart instead of logging "plain text password" to
download from the net a crypt function "DES encryption" (.c code) and hack
it up to: You remove the part of the code that assign a random salt to the
encryption... instead, you make it to use a fixed salt.. You would be able
to compare those encrypted password :)  Then you compile your MUD using that
.o file... so, you won't compromise your own system ;-) ; And, players would
be happy to keep their password private :)
        Or even easier, but maybe less secure.. it could be possible to log some
kind of password in 32bits CRC.
Get Your Private, Free Email at

     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     |  |

This archive was generated by hypermail 2b30 : 04/10/01 PDT