Why is the password not hashed?

I see that ejabberd provides a adhoc command to query to password of a user, so it must store that password somewhere. OpenFire seems to do the same. What is going on here? Is there some XMPP requirement that needs to be accommodated? Isn't it good practice to hash passwords?

http://www.ejabberd.im/plaint

Right, so it's now my

Right, so it's now my understanding that the server needs to be able to access the password in order to support auth mechanisms like CRAM-MD5.

FWIW, I think the answer given in the linked FAQ entry makes this anything than clear.

Syndicate content