Right now the Encrypt Login Password option is an
option that you must manually select. This is not
optimal security. High security, especially really simple
things like this, should be the default, and overriding the
default, high-security state should be the option.
Functionally, Encrypt Login Password should instead
be Do Not Encrypt Login Password, although I question
the need for such an option in the first place.
Logged In: YES
user_id=570394
I'd also like to see the Encrypt Login Password actually
encrypt the password in the config file (as opposed to just
transmitting it in the POST in encrypted form, as was
explained by Omar in some comments on Scott's blog). This
was throwing me off when I was testing a local install and
was surprised to continue seeing the plaintext password.