On Wed, Jul 31, 2013 at 10:25:03AM +0200, Philip Poloczek wrote:
> It's kind of secure. These passwords are very sensitive, i don't
> even want administrators to read these passwords in plain text.
> Maybe i should use ldap.
>
Hi Philip,
Storing a hash of a password that you could use is the same as
storing the plain text password with the same security concerns.
As you suspect, using something like ldap, gssapi or a multi-
factor authentication scheme is much, much better.
Regards,
Ken