[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Hello fellow PLUG members, Actually, POP can support encrypted passowrds via the extension referenced in RFC 1734, "POP3 AUTHentication command". Some POP clients that support APOP include Microsoft Outlook Express, Eudora Lite, and Claris EMailer. APOP-compliant POP servers include Qualcomm QPopper 2.2 and higher as well as Microsoft Exchange. -Andrew On 1999年8月31日, Michael W. Ryan wrote: > On 1999年8月31日, Nick R wrote: > > > Umm, aren't the passwords encrypted? > > Nope. Only if the protocol supports encrypted passwords, and POP isn't > one of them. POP is clear text. So is HTTP. If you capture packets, > you can reconstruct a persons session VERBATIM, headers, content, > everything. > > Michael W. Ryan, MCP, MCT | OTAKON 1999 > mryan@netaxs.com | Convention of Otaku Generation > http://www.netaxs.com/~mryan/ | http://www.otakon.com/ > > PGP fingerprint: 7B E5 75 7F 24 EE 19 35 A5 DF C3 45 27 B5 DB DF > PGP public key available by fingering mryan@unix.netaxs.com (use -l opt) > > > _______________________________________________ > Plug maillist - Plug@lists.nothinbut.net > http://lists.nothinbut.net/mail/listinfo/plug > _______________________________________________ Plug maillist - Plug@lists.nothinbut.net http://lists.nothinbut.net/mail/listinfo/plug