On Tue, Apr 30, 2002 at 01:24:21PM -0400, Derek J. Balling wrote:
> >As a side note: have you considered that using the encryption in pptp
> >forces you to store userpasswords in cleartext? For my ISP [1] that was
> >a reason not to use pptp's encryption, especially since MS-CHAPv2
> >contains known security holes [2].
>
> Yes, unfortunately, for our predominant workstation (Win98), M$'s
> PPTP client is ubiquitous and other solutions are not necessarily so
> commonly deployed.
>
> D
> (who would LOVE to move to a _MORE_ secure solution, but is content,
> for now, to only allow himself and one other to even have accounts on
> the box with the cleartext passwds)
Ugh.. I'd never be content with cleartext passwords, especially given
how many security solutions are around today.
-Anne
--
.-"".__."``". Anne Carasik, System Administrator
.-.--. _...' (/) (/) ``' gator@cacr.caltech.edu
(O/ O) \-' ` -="""=. ', Center for Advanced Computing Research
~`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attachment:
pgpI7eVTCCfn6.pgp
Description: PGP signature