[thelist] Retrieving password() field from a MySQL table

[David Bindel]

> > with the challenge question system, _you_ have both
> > the question and answer, so you could just use the form yourself to
> > look at all the users' passwords.
>
> not if the passwords are encrypted

Yeah, but if the passwords are encrypted, you can't send the password
back to the user, which is what the whole question and answer system was
made for in the first place!  :-)