Passwords should be generated using salt
March 26, 2013
(Total: 0.00 h)
Currently password are generated using the MD5 from a clear password.
It is not safe taking into account that direct md5 hashes could be easily decrypted using lots of tools (even online, like md5rainbow.com or md5decrypt.org).
Passwords should be "salted" (consider usage of IA_SALT_STRING).
- Target version changed from 2.3.0 to 4.5.0
- Tracker changed from Bug to Feature
- Private changed from Yes to No
- Target version changed from 4.5.0 to 4.7.0
- Assignee set to Batyr Mackenov
- Target version changed from 4.7.0 to 2.3.7
- Status changed from New to In Progress
- Status changed from In Progress to Resolved
Also available in: Atom