On Tue, Apr 30, 2002 at 01:24:21PM -0400, Derek J. Balling wrote: > >As a side note: have you considered that using the encryption in pptp > >forces you to store userpasswords in cleartext? For my ISP [1] that was > >a reason not to use pptp's encryption, especially since MS-CHAPv2 > >contains known security holes [2]. > > Yes, unfortunately, for our predominant workstation (Win98), M$'s > PPTP client is ubiquitous and other solutions are not necessarily so > commonly deployed. > > D > (who would LOVE to move to a _MORE_ secure solution, but is content, > for now, to only allow himself and one other to even have accounts on > the box with the cleartext passwds)
Ugh.. I'd never be content with cleartext passwords, especially given
how many security solutions are around today.
-Anne
--
.-"".__."``". Anne Carasik, System Administrator
.-.--. _...' (/) (/) ``' [EMAIL PROTECTED]
(O/ O) \-' ` -="""=. ', Center for Advanced Computing Research
~`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pgpWoXwofngwG.pgp
Description: PGP signature
