CRYPTOGRAPHY IN VADMIN
-----------------------
In order to work VADMIN you have to recompile PHP with MCRYPT support.
Sorry, no exceptions. See http://www.php.net/mcrypt for instructions
on how to get, compile, and install libmcrypt. You will need
libmcrypt version 2.4.x or newer. After you have installed libmcrypt,
recompile PHP with this flag: "--with-mcrypt".

This requirement is for your own security. Of course, you can hack the
code to disable mcrypt, but this will be silly.

CRYPTO_HASH_LINE and MCRYPT_ALGO
--------------------------------
These are the environment variables which are set in the apache include
file (see SECURITY for more info). CRYPTO_HASH_LINE can have any value
long enough to be able to safely encrypt the sensitive data, although
you should keep in mind that depending on the algorythm you choose,
this line may be truncated to fit the algorythm needs.

MCRYPT_ALGO is the algorythm name to be used by MCRYPT. This has to be
a symmetric algorythm and support ECB encryption mode. For the list of 
available algorythms see your libmcrypt documentation. The default 
setting is "blowfish", but you can and are encouraged to change it to 
some other strong algorythm to make it even harder to brute-force the
passwords. Possible choices are:

blowfish
twofish
tripledes
gost
serpent

and others.

If at any point you decide you wish to a different HASH_LINE and/or 
MCRYPT_ALGO, you may do so, but all stored passwords will become
invalid and will be discarded the first time they fail. You will have
to log into each domain and make sure new values are stored. This can
be quite a hassle if you have a lot of domains, so choose wisely. :)

