On Fri, 2006-04-07 at 17:51 +0930, Tim wrote: > Les Mikesell: > >> How do you prevent re-use without keeping plain text or reversibly > >> encrypted copies of the old ones laying around waiting to be > >> stolen? > > If you're storing *old* passwords that you don't want people to use > again, would it matter if they're stored as plain text? I would imagine > that you could just add them to a banned passwords list. ---- actually it would matter for a lot of reasons - and thus, it would never be done which is why Les asked the question. Craig
