Subject Re: [ib-support] Where I find a really good security specific IB/FB group?
Author Ivan Prenosil
> From: Dimitry Sibiryakov
> BTW plain text passwords aren't sent over the net. Password is
> hashed on the client side by DES64 and is going through the net
> hashed. On the server side arrived hash is hashed again and then
> compared with the stored value.

Right. It means that you can't look at USERS table in ISC4.GDB and use
hashed password from there, but if you are able to look at password that is sent
over net, you CAN use it to connect to database, because you can simply
instruct gds32 that your password is already hashed!