Did you even care about reading the Xitami FAQ ? This small section tells you everything you need to know http://www.imatix.com/html/xitami/index13.htm#m_7 ) 7: Why is the password file not encrypted? In general if access to your server is secure, then the lack of encryption is not a problem. If someone can read the Xitami directory on your system, they can see the passwords. Note that even if you use a hashed password file, it is often trivial to discover passwords using a dictionary-based attack. It's therefore much better to concentrate on hiding the password file than on encrypting it. At some future date, Xitami will support encrypted (hashed) passwords. That could be the reason why Imatix hasn't answered you yet. Best regards.... ------------------------------------------------------- BlueScreen / Florian Hobelsberger (UIN: 101782087) Member of: www.IT-Checkpoint.net www.Hackeinsteiger.de www.DvLdW.de ================================================================== To encrypt classified messages, please download and use this PGP-Key: http://www.florian-hobelsberger.de/BlueScreen-PGP-PubKey.txt ==================================================================
