Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment Completely wrong (Score 3, Interesting) 433

The "decret d'application" of the law (it's a law from 2004 but not applicable before this "decret") doesn't prohibit hashed password. It's a misinterpretation of the decret.
Actually, it states that IF you store the password in clear text for authentication, you have to keep the password in clear text in your logs during a year. But IF you store a hashed version of the password, you have to log the last hashed used. And if you don't store your users' password (logged via facebook or other centralized authentication) you don't have to.

The decret only specify what to keep in the logs IF the information is already known and stored. It doesn't specify WHAT to store. What to store is specified by a EU directive.

Yro

As of next Thursday, UNIX will be flushed in favor of TOPS-10. Please update your programs.

Working...