[dev] password security during the session -- what is it?

Rich Lafferty rich@horde.org
Wed, 20 Dec 2000 15:08:35 -0500


On Wed, Dec 20, 2000 at 03:00:26PM -0500, Michael Bull (mbull@uoguelph.ca) wrote:
> I've had a question regarding "how secure" passwords are that are in use by 
> the IMP server.   As in, after I login and type my password, how is made 
> use of / stored? during my session, and what are the security 
> implications.

They're transmitted from the browser to the Web server, and then
stored on the webserver. They're then transmitted from the Web server
to the IMAP server whenever necessary to establish an IMAP connection.

  -Rich

-- 
------------------------------ Rich Lafferty ---------------------------
 Sysadmin/Programmer, Instructional and Information Technology Services
   Concordia University, Montreal, QC                 (514) 848-7625
------------------------- rich@alcor.concordia.ca ----------------------