[pmwiki-users] Whats about the security of pmWiki?
Ben Wilson
dausha at gmail.com
Wed May 17 10:38:19 CDT 2006
As safe as crypt() or sha1(). If you're going to have those passwords
available for internet access to a site, definitely do not leave them
in clear text.
However, I would generally admonish you _not_ to use those passwords
on a web server. If they are defeated, then your system is vulnerable.
It would be better to devise an alternate password system than
parasite off of a secure system.
On 5/17/06, Daniel Hofer <daho at borntofly.ch> wrote:
> Hello
>
> I have a list of passwords in our company (i.e. Windows logins and so)
>
> How secure is it to list them in pmWiki on a webserver (internet, not
> intranet)?
>
> I'm using Authuser, the whole wiki is read-protected with a password.
> And also write-protected (user dependent)
>
> Storing the passwords in a word or excel file on the internal server is
> one possibility.
> Store in pmWiki the other one.
>
> What do you think about this?
>
> Thanks a lot.
>
> Daniel
>
>
> _______________________________________________
> pmwiki-users mailing list
> pmwiki-users at pmichaud.com
> http://host.pmichaud.com/mailman/listinfo/pmwiki-users
>
--
Ben Wilson
" Mundus vult decipi, ergo decipiatur"
More information about the pmwiki-users
mailing list