Why is the crypted-password published in the RIPE Database ? Why not keep it secret ?
This way, users can see what passwords they have for their mntner objects. Also, it means that the RIPE Database can process updates faster (no overhead in looking up the crypted password).
A determined, malicious cracker can guess the password, but to use it they must then send an e-mail. The RIPE Database keeps logfiles of all transactions, so we would have a written record of any changes made.
We encourage users to adopt PGP authentication.