dcrespo wrote: > Two copies of the password: one on the client, the other on the server. [snip] > I think it is a very good solution, Isn't it?
Ignoring all the other issues, any solution which actually requires the password to be stored on the server is a bad solution. Administrators should not have access to user passwords, and in addition users should not be put in the position of having to trust your server-side security to keep their passwords (which they might have used on other systems) from being grabbed by hackers. -Peter -- http://mail.python.org/mailman/listinfo/python-list
