Wed 28-Jul-2010 13:03
I am currently investigating the method in which we allow users to authenticate against our web update server for Sophos Antivirus, we are currently using Sophos Antivirus 7.6.20.
From the clients perspective I notice that the username and password gets stored locally in clear text in the files, even though the password seems to be altered.
Can you confirm to me what level of level of security is used to secure the password, (Encryption , Hash or Encoding?)
Thu 29-Jul-2010 09:59
the term for the method used is obfuscation, it is of course reversible and just for hiding the credentials from prying eyes. What is your concern?