Hi Steve > It doesn't matter what gets stored as long as the > decrypted value matches the password. This part of what you said puzzles me. Why would you want to decrypt the password and isn't the point of md5 and DES that you don't decrypt the password. Usually the passwords are compared in their encrypted form. That's the whole idea of a message digest isn't it to get a unique signature for a message and to make it near impossible to retrieve the message from the signature again. Regards Jannetta --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|