If i use janrain what information is stored in the tables? Is this more trustable for users because i have an app to be used not by internal users but by clients of my company to request products. They can reject my app because of password confidentality.
Thank you António 2011/8/3 Massimo Di Pierro <massimo.dipie...@gmail.com> > The password are hashed not encrypted (also known as a one-way- > encryption). A hacker getting access to the passwords file cannot > decrypt them. The hacker can "theoretically" find collision but it is > almost impossible with SHA512+HMAC (which web2py uses). > > Things are different for the administrator. Nothing prevents the > administrator from intercepting the communications and logging the > password in a separate file. That is true for ANY application, not > just web2py. > > > > On Aug 3, 5:11 am, António Ramos <ramstei...@gmail.com> wrote: > > hello, > > what do i tell in my company to convinve them to use web2py apps without > > fearing that i as administrator cannot discover their password? > > > > Thank you > > > > António >
