[NCLUG] Stamping out clear-text passwords (was Re: webhosting question)
John L. Bass
jbass at dmsd.com
Wed Oct 16 09:12:54 MDT 2002
If the other end is a Linux/FreeBSD/Unix server with the SSL libraries, the
easiest thing is to enable POP3/IMAP with SSL to solve the clear text problems.
Just as a number of shops have dropped ftp/telnet for clear text password
security problems, the same should be true of POP3/IMAP.
John
<embarassed admission>I've been using ssh & sftp exclusively for a while
now, quite smugly, and never even thought of the authentication step in
POP3.</embarassed admission>
So, how does one tunnel POP3 through ssh? And what about on
Windows/MSOutlook, do I have *any* secure options there?
--Rich
On 15 Oct 2002, Chris Riddoch wrote:
> I'd like to take this moment to mention that Peak to Peak only allows
> you to use FTP to upload pages to your web space, and only provides
> POP3 for pulling down email from their server, both of which send your
> passwords in the clear.
_______________________________________________
NCLUG mailing list NCLUG at nclug.org
To unsubscribe, subscribe, or modify your settings, go to:
http://www.nclug.org/mailman/listinfo/nclug
More information about the NCLUG
mailing list