[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Question

Subject: [ale] Question
From: yahoo at jimpop.com (Jim Popovitch)
Date: Fri, 7 Mar 2008 21:10:02 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

On Fri, Mar 7, 2008 at 7:59 PM, James Sumners <james.sumners at gmail.com> wrote:
> That depends on the connection type: http or https. If it is http,
>  then the user sends the plain text password ("Irishboy"). If it is
>  https, then the transaction should be ecrypted point-to-point.

One additional point, with Apache 2.x you use htdigest instead of
htpasswd you can get better MD5 authentication. (yes, it's still
listed as experimental, but it sure beets passing near plaintext
around)
See: http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html

-Jim P.

References:
- [ale] Question
  - From: terry at bitlinx.com (Terry Bailey)
- [ale] Question
  - From: james.sumners at gmail.com (James Sumners)

Prev by Date: [ale] Question
Next by Date: [ale] .htaccess
Previous by thread: [ale] Question
Next by thread: [ale] Question
Index(es):
- Date
- Thread