Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[AFRINIC-rpd] whois.afrinic.net leaks passwords

JP Viljoen froztbyte at froztbyte.net
Thu Nov 22 08:49:16 UTC 2012 

On 22 Nov 2012, at 8:56 AM, Guy Antony Halse <G.halse at ru.ac.za> wrote:
> On Thu 2012-11-22 (07:18), Sunday Folayan wrote:
>> Filter the display of the MD5 password immediately per BCP. Whether to 
>> use other passwords can be discussed in Khartoum, but let the filter be 
>> done ASAP.
> 
> I second this approach.

+1 from me as well. Calculating a bunch of possible MD5 hashes is relatively inexpensive, and can be done by anyone fairly easily. Given the vast majority of detail you could modify using this, I'd say it's well worth filtering immediately.

-J

More information about the RPD mailing list