[Imapfilter-devel] Encrypted passwords

Lefteris Chatzibarbas lefcha at users.sourceforge.net
Tue Dec 18 00:25:54 EET 2001


On Mon, Dec 17, 2001 at 08:41:29PM +0000, Gabor Z. Papp wrote:
> * Lefteris Chatzibarbas <lefcha at users.sourceforge.net>:
> 
> | A part of cryptography (including the secure password storage protocol) is
> | based on the fact that it costs a lot of cpu power and time to find the
> | password (eg. using a 128bits key, with brute-force attack, 2^128 different
> | keys must be tried).  By the term "light encryption" (as I understand it)
> | you are reffering using a smaller key, which does not get rid of the "hassle"
> | of entering the master password, but just weakens the security.
> 
> Yupp. When you'll implement a such encryption, you can be
> sure I'll use it. But when you implement something that
> block the normal usability of imapfilter... Just think about
> fetchmail. You would use fetchmail day by day when it would
> ask for a password every time?

It blocks usability, but it is also optional.  Yes, I prefer, too, secure
solutions, but I make my choices between security and usability, because
sometimes there is no way that you can have them both.

If fetchmail had a similar feature, I might use it or not.  I cannot see
how does it makes life harder for the user, when he just can ignore such
capability.

_______________________________________________
Imapfilter-devel mailing list
Imapfilter-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/imapfilter-devel



More information about the Imapfilter-devel mailing list