[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dolibarr-bugtrack] [bug #18023] Clear passwords in database
From: |
Thomas Despoix |
Subject: |
[Dolibarr-bugtrack] [bug #18023] Clear passwords in database |
Date: |
Mon, 16 Oct 2006 12:45:48 +0000 |
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7 |
URL:
<http://savannah.nongnu.org/bugs/?18023>
Summary: Clear passwords in database
Project: Dolibarr
Submitted by: mytto
Submitted on: lundi 16.10.2006 à 12:45
Severity: 3 - Normal
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Release: None
Operating System: GNU/Linux
_______________________________________________________
Details:
User passwords are stored human readable in the database, which is obviously
an rare issue.
They could at least be md5-encrypted!
Better, try and use an authentication layer like PEAR::Auth, to allow
integration to other authentication method like LDAP, POP, HTTP, CAS SSO,
etc.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?18023>
_______________________________________________
Message posté via/par Savannah
http://savannah.nongnu.org/
- [Dolibarr-bugtrack] [bug #18023] Clear passwords in database,
Thomas Despoix <=