[wikka-community] replacing wikka-login/authentication with apache htaccess/htusers
flurios
flurios
Sun Aug 29 13:11:01 GMT 2010
On Sat, Aug 28, 2010 at 4:51 PM, Will Woodhull <wwoodhull at gmail.com> wrote:
> This question seems to be the same as
>
> ?????? "Does anyone know how to extract the cleartext passwords from
> Wikkawiki?"
>
The question was more like: can you make apache eat unsalted md5
hashes or salting existing hashes... or whatever.
> I would hope that if there is anyone who has cracked the Wikkawiki security
> scheme, they will keep their mouth shut.
>
it's not about cracking anything. the passwords are saved in the
mysql-db -- not in clear text, but hashed. with rainbow tables they
could be reverse engineered. so using htaccess could be more secure.
cheers
More information about the community
mailing list