tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Mansfield <paul.mansfi...@psineteurope.com>
Subject Re: any standart way to keep passwords encripted???
Date Mon, 05 Apr 2004 10:46:32 GMT
On Sat, 2004-04-03 at 02:10, Parsons Technical Services wrote:
> And if I am in control of the server, then I have access to that certificate
> as well.
> 
> The point is simply that with proper permissions your password is as safe as
> it needs to be. If someone gets to it, you have way bigger problems on your
> hands.


you could always use a smartcard or usb crypto dongle, such that the
private key never gets out... however, you still need to establish a
session with the key and that needs a password.




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message