[OSM-talk] Mailing list security
Colin Smale
colin.smale at xs4all.nl
Sat Nov 25 11:55:26 UTC 2017
On 2017-11-25 11:53, Éric Gillet wrote:
> This is non-ideal, but you were warned during your account creation that this password is to be considered non-secure :
>
>> You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext.
Thanks Éric, I admit that "I was warned" but I still find it scandalous
in this day and age... It seems this shortcoming in mailman was fixed in
V3, released in 2014. I read here that V3 no longer stores
unencrypted/decryptable passwords:
https://mail.python.org/pipermail/mailman-users/2014-July/077411.html
Are we still running V2.1?
//colin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/talk/attachments/20171125/f9d3774c/attachment-0001.html>
More information about the talk
mailing list