Our inhouse Windows 2003 server hosts our companies svn repos. I'm looking for a secure method, preferably encryption, for the server-side passwords. Right now they're stored in clear text. Is there a svn plugin or method that I can use to achieve this?
Thanks
SASL is available in most SVN serve binaries available for Windows.
Without a doubt the most secure authentication system for svn is svn+ssh:// using certificate authentication for ssh. This makes brute force attacks statistically impossible, an attacker can't use a dictionary. This also makes MITM attacks more difficult, you can't intercept a password. Even if you have access to the server you won't have a user's private key, so this takes care of some threats posed by a Malicious Insider.