>I run a system from my home but must also think about those that do >not. As I have stated in the prior message, everyone should understand >the "human engineering" side of security. Hiding the user passwords in >the UM while making the database it uses easily readible via a text >editor, and exportable via menu command to a plain text file is not >secure, and cannot be made so because the requirements are
I see the issue of obscured passwords as one of helping the innocent passerby or sysop respect the privacy of an individual's password.
It's not something that is designed to stop someone with 'evil' intent.
The next User Manager will obscure the passwords in the User Interface, but not enrypt them in anyway.