[pmwiki-users] Rethinking passwords and authorization
Patrick R. Michaud
pmichaud at pobox.com
Tue Oct 10 13:00:14 CDT 2006
On Mon, Oct 09, 2006 at 10:31:46PM -0400, Neil Herber wrote:
> At 2006-10-09 06:02 PM -0400, Ryan R. Varick is rumored to have said:
> >I've always kind of wondered why the syntax is as the way it is
> >anyway. I certainly think it would be more intuitive if there were a
> >set of common prefixes, like
> >
> > password:quick
> > user:alice (or id:alice, if that's preferred)
> > group:authors
>
> This makes much more sense to me than the current "id:" "@" and
> nothing prefixes.
>
> pw:
> id:
> gp:
>
> are short and directly identifiable.
>
> Something like:
>
> gp: Alpha -id:Fred +pw:zebra
>
> would mean the Alpha group, except for Fred, plus anyone who knows
> the password zebra.
The main difficulty with requiring a prefix for passwords
is that it doesn't quite work from an author perspective with a
non-AuthUser-based PmWiki.
In other words, on the ?action=attr form, how do we explain to
authors/admins that in order to set a password they have to
prefix it with "pw:"? I think that many authors will be confused
about why the prefix is needed, since PmWiki already "knows"
that it's a password field.
Pm
More information about the pmwiki-users
mailing list