[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Encrypted Passwords



Thomas Gagne wrote:
> 
> When you do basic authentication on a web server, the password arrives in the
> CGI script encrypted.

No, unless the web server and the client are doing digest
authentication which is very unlikely.

> I was wondering if this encrypted password could be
> passed to an LDAP server, and your response suggests it cannot (should not).

The password is not "encrypted". It's hashed.

http://www.openldap.org/faq/data/cache/419.html

Ciao, Michael.