Posted by Alexander Mueller on 01/09/08 21:12
Harlan Messinger wrote:
>
> But since the hash, not the password, is what gets access to the
> application, how is this helpful?
Please! Reread my initial posting; all your questions should be answered
there. All advantages are listed there.
> Having the value of a string called a
> "password" is not an end in itself. The point is that the administrator
> has the data he needs to get into the application.
It's not about getting into an application. This is always possible. It's
about protecting the password and preventing replay attacks.
> And if you're talking
> about a situation where the administrator has access to the application
> itself (this isn't a given, but you've just added it to the scenario),
It isn't a given? In most cases the administrator has access to the
application itself. Whether he is allowed to access it directly is
another issue.
> then why does it matter at all whether the administrator can see the
> password or the hash or anything else?
Password and Replay protection.
>
> You mentioned addressing this with SSL. Your rationale for your approach
> was to shield the password from the administrator as well.
In terms of SSL, yes. But for HTTP it would also provide additional
security layers.
>
> OK, this is the first time you've mentioned the issue of the
> administrator giving it to someone *else* instead of just knowing it
> himself.
Not necessarily only to someone else, but also abusing it for other
accounts of the user.
Alexander
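The two points argued over above, that the cleartext password should not cross the wire or be visible to whoever runs the server, and that a captured login should not be replayable, are what a nonce-based challenge-response over a stored verifier delivers. The following is an added example written for this page; it is not the scheme from the original posting (whose details are not reproduced here) and not code from either participant. The PBKDF2 parameters, the HMAC construction and the in-memory `Server` class are assumptions made for the illustration. It also shows the caveat Harlan raises: whoever holds the stored verifier can answer challenges without ever knowing the password.

```python
"""Challenge-response login over a hashed verifier (added example).

The client never sends the password; it sends HMAC(verifier, nonce) where
the nonce is single-use, so a captured response cannot be replayed.
"""
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # PBKDF2 work factor; chosen for this example


def derive_verifier(password: str, salt: bytes) -> bytes:
    """Value the server stores and the client recomputes locally.
    The cleartext password is only ever an input on the client side."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def client_response(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Client proves knowledge of the verifier, bound to this nonce only."""
    return hmac.new(derive_verifier(password, salt), nonce, "sha256").digest()


class Server:
    """Minimal in-memory server side of the protocol (assumed structure)."""

    def __init__(self):
        self.accounts = {}  # user -> (salt, verifier)
        self.pending = {}   # user -> nonce issued and not yet consumed

    def register(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.accounts[user] = (salt, derive_verifier(password, salt))

    def challenge(self, user: str):
        """Issue a fresh random nonce; the previous one, if any, is discarded."""
        salt, _ = self.accounts[user]
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return salt, nonce

    def verify(self, user: str, nonce: bytes, response: bytes) -> bool:
        salt, verifier = self.accounts[user]
        # Consume the nonce before checking, so it is valid for exactly one
        # attempt: a replayed (nonce, response) pair finds nothing pending.
        if self.pending.pop(user, None) != nonce:
            return False
        expected = hmac.new(verifier, nonce, "sha256").digest()
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Run the four cases discussed in the thread and report the outcomes."""
    srv = Server()
    srv.register("alice", "correct horse")  # constructed sample account

    # 1. Normal login: password stays on the client, only the response is sent.
    salt, nonce = srv.challenge("alice")
    resp = client_response("correct horse", salt, nonce)
    login_ok = srv.verify("alice", nonce, resp)

    # 2. Replay: an eavesdropper resends the captured (nonce, response) pair.
    replay_ok = srv.verify("alice", nonce, resp)

    # 3. Wrong password on a fresh challenge.
    salt, nonce = srv.challenge("alice")
    wrong_ok = srv.verify("alice", nonce, client_response("wrong", salt, nonce))

    # 4. Caveat: whoever can read the stored verifier (for instance an
    #    administrator with database access) can answer any challenge
    #    without the password. Replay protection does not remove that.
    salt, nonce = srv.challenge("alice")
    _, verifier = srv.accounts["alice"]
    forged = hmac.new(verifier, nonce, "sha256").digest()
    verifier_holder_ok = srv.verify("alice", nonce, forged)

    return {
        "login_ok": login_ok,
        "replay_ok": replay_ok,
        "wrong_password_ok": wrong_ok,
        "verifier_holder_ok": verifier_holder_ok,
    }


if __name__ == "__main__":
    print(demo())
```

What this does and does not buy is the crux of the exchange: the password itself is shielded from the wire and from anyone reading the server's store, and a sniffed login cannot be reused, but the stored verifier is still a credential that opens this one application, which is the "the hash gets access" objection. Keeping the verifier from becoming a credential for the user's other accounts is what the salt is for here: the same password yields a different verifier per service.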