[Catalyst] ANNOUNCE: SimpleDB - Auth configuration made easy

Matt S Trout dbix-class at trout.me.uk
Mon Oct 27 23:18:52 GMT 2008


On Mon, Oct 27, 2008 at 03:51:49PM -0700, Darren Duncan wrote:
> Zbigniew Lukasiak wrote:
> >    * Your passwords are stored in the 'password' field in your users
> >table and are not encrypted.
> 
> This is always a bad idea.  If someone ever gets direct database access, 
> they now know each user's mindset as to how they choose passwords

This is the catalyst list, not the "stating the fucking obvious" list.

-- 
      Matt S Trout       Need help with your Catalyst or DBIx::Class project?
   Technical Director                    http://www.shadowcat.co.uk/catalyst/
 Shadowcat Systems Ltd.  Want a managed development or deployment platform?
http://chainsawblues.vox.com/            http://www.shadowcat.co.uk/servers/



More information about the Catalyst mailing list