Project: Webinterface II - Msgbase Structures: Zvon - RFC 2980 [Common NNTP Extensions] - Security Considerations
7. Security Considerations
The use of the AUTHINFO is optional. This command as documented has
a number of security implications. In the original and simple forms,
all passwords are passed in plaintext and could be discovered by
various forms of network or system surveillance. The AUTHINFO
GENERIC command has the potential for the same problems if a
mechanism is used that also passes cleartext passwords. RFC 1731prop [8]
discusses these issues in greater detail.