Folks,
When a user logs in thru one of the web clients using the non-ssl ports (5222, or 7070), is the password sent over the wire in plain text form? Wanted to know in case this is a security concern. Is the standard solution to use an SSL connection instead?
Thanks,
BEA