[pmwiki-users] pmwiki-2.0.beta29 out, needs testers and feedback
Joachim Durchholz
jo at durchholz.org
Wed Apr 13 07:20:42 CDT 2005
Crisses wrote:
> On Apr 12, 2005, at 12:55 AM, Patrick R. Michaud wrote:
>
>> User-based authentication can completely coexist and mix freely with
>> password-based authentication, thus an edit password of
>> "id:alice glorp" will allow Alice and anyone who knows the
>> password "glorp" to edit the page.
>
> Does this mean that if a password is "alice" and a username is "alice"
> both will be able to see the page?
>
> This represents a hazard if users are allowed to create passwords.
The hazard is in allowing users to create passwords: if a user thinks
that "alice" is a useful password, he's mistaken whether or not there's
an account that happens to be named "alice".
Regards,
Jo
More information about the pmwiki-users
mailing list