Support Requests item #1542814, was opened at 2006-08-18 14:22 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=200235&aid=1542814&group_id=235 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Priority: 5 Submitted By: Grayheart (grayheart) Assigned to: Nobody/Anonymous (nobody) Summary: Security Issue Initial Comment: The accounts.xml file in the .gaim settings folder stores user password information in plain text unencrpyted format. This is a major security risk. Especially for people who run their own chat servers that authenticate againt LDAP for users, as it then stores your NETWORK password in plain text. This could allow other network users to aquire passwords with little difficulty. This is not an issue with many other chat clients. Trillian, spark, yahoo, and msn all at least hash the password. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=200235&aid=1542814&group_id=235 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Gaim-support mailing list Gaim-support@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/gaim-support