[JDEV] Account information storage, plaintext?
Tijl Houtbeckers
thoutbeckers at splendo.com
Fri Sep 12 17:31:54 CDT 2003
"Jamin W. Collins" <jcollins at asgardsrealm.net> wrote on 13-9-2003
0:11:40:
>
>Agreed, but I was thinking more of the end users using public Jabber
>servers. These users are giving their login and password to the Jabber
>Server admin(s) for each IM network when they register with a transport
>on these servers. I'm not saying I have a better idea, but this seems
>like a rather large hole waiting to be exploited.
I think most "average" users tend to reuse the same password a lot
anyway, so the password from their jabber account is probably the same
as for those networks in a lot of cases. So you have to trust your
server admin anyway.
There is one solution ofcourse if you don't want to give any forgein IM
network passwords to the admin, just convince all your contacts to
switch to Jabber ;)
--
Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands
More information about the JDev
mailing list