by fiedzia 3518 days ago
> Someone naively sets up error reporting that takes the POST data and logs it somewhere

If you are not securing your logs, you may have a much bigger problem than just exposing user passwords.

> Employees can now see the passwords from POST data and impersonate each other

Then either don't give them access to logs (where they can find far more dangerous information than a password) or simply accept that (as is common for developers) they have to be trusted, and your auth protocol really doesn't matter in that case.

> a vulnerability with the error reporting software can leak the passwords to the public

Again, if your logs become public, passwords really may not be the worst of your problems.

Keep in mind that the main benefit of having an LDAP server is centralized user management. Once you have that, you are free to use whatever auth protocol you wish - LDAP, OAuth, whatever the apps will support. LDAP is particularly easy to use, but if you don't like it and have control over your applications, use something else.
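An added example, not fiedzia's code or anything from the thread: the naive error reporter the quoted text describes (logging the raw POST body) beside one that masks credential-looking fields before the record is written. The field-name pattern and the sample request body are constructed assumptions.

```python
import json
import logging
import re

# Field names treated as secrets, matched case-insensitively as substrings.
# Constructed list for this example; real deployments would tune it.
SECRET_FIELD_PATTERN = re.compile(r"(pass(word|wd)?|secret|token|api[_-]?key)", re.I)
REDACTED = "[REDACTED]"


def redact_post_data(data):
    """Return a copy of a parsed form/JSON body with secret-looking keys masked.

    Recurses into nested dicts and lists so a password under {"user": {...}}
    or inside a list of objects is caught as well.
    """
    if isinstance(data, dict):
        return {
            k: (REDACTED if SECRET_FIELD_PATTERN.search(str(k)) else redact_post_data(v))
            for k, v in data.items()
        }
    if isinstance(data, list):
        return [redact_post_data(v) for v in data]
    return data


def naive_error_record(exc, post_data):
    """The reporter from the thread: the raw POST body goes into the log line."""
    return f"error={exc!r} post={json.dumps(post_data, sort_keys=True)}"


def safe_error_record(exc, post_data):
    """Same record, but secrets are masked before the line ever reaches a log."""
    return f"error={exc!r} post={json.dumps(redact_post_data(post_data), sort_keys=True)}"


if __name__ == "__main__":
    # Constructed sample login request body.
    body = {"username": "alice", "password": "hunter2", "profile": {"api_key": "abc"}}
    err = ValueError("login failed")
    logging.basicConfig(level=logging.INFO)
    logging.info(naive_error_record(err, body))  # the password lands in the log
    logging.info(safe_error_record(err, body))   # the password is masked
```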