MantisBT

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0003283ATutorAdminpublic2008-01-10 08:272008-08-21 08:57
Reporterharris 
Assigned Toharris 
PriorityhighSeverityfeatureReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
Summary0003283: Encrypted admins' password
DescriptionEncrypted admins' password in the database to prevent database access in the event of security breach.

http://www.atutor.ca/view/2/12400/1.html [^]
TagsNo tags attached.
Affects versionSVN
SVN Revision#
Attached Files

- Relationships

-  Notes
(0002732)
harris (developer)
2008-01-10 09:50

What happens if we are changing hashing algorithm in the future?

What approach should we take for all the existing passwords? The only way is to ask them to set up their passwords again either by a token or a random generated password.
(0002733)
harris (developer)
2008-01-10 09:53

login.tmpl.php has to be modified by adding sha1 encryption upon login submission.

This will affect all the existing themes.
(0002736)
harris (developer)
2008-01-11 05:58

7218
(0002737)
harris (developer)
2008-01-11 06:03

Moved the encryption into the sql script instead.
(0002738)
harris (developer)
2008-01-11 06:03

7219

- Issue History
Date Modified Username Field Change
2008-01-10 08:27 harris New Issue
2008-01-10 08:27 harris Affects version => SVN
2008-01-10 08:28 harris Status new => assigned
2008-01-10 08:28 harris Assigned To => harris
2008-01-10 09:50 harris Note Added: 0002732
2008-01-10 09:53 harris Note Added: 0002733
2008-01-11 05:58 harris Status assigned => resolved
2008-01-11 05:58 harris Fixed in Version => 1.6
2008-01-11 05:58 harris Resolution open => fixed
2008-01-11 05:58 harris Note Added: 0002736
2008-01-11 06:03 harris Status resolved => feedback
2008-01-11 06:03 harris Resolution fixed => reopened
2008-01-11 06:03 harris Note Added: 0002737
2008-01-11 06:03 harris Status feedback => resolved
2008-01-11 06:03 harris Fixed in Version 1.6 =>
2008-01-11 06:03 harris Resolution reopened => fixed
2008-01-11 06:03 harris Note Added: 0002738
2008-08-21 08:57 greg Status resolved => closed


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker