Ticket #795 (closed Defect: fixed)
Changing passwords is broken in DM 4.6
Reported by: | jri | Owned by: | jri |
---|---|---|---|
Priority: | Critical | Milestone: | Release 4.7 |
Component: | DeepaMehta Standard Distribution | Version: | 4.6 |
Keywords: | Cc: | dgf, Malte, JuergeN | |
Complexity: | 3 | Area: | |
Module: | deepamehta-accesscontrol |
Description (last modified by jri) (diff)
The new password is stored in plain text. The SHA256 encoding is missing. So a subsequent login fails. The account is broken!
Creating a new user account and setting a password from the start works. But changing it afterwards breaks the account.
Thank you very much, Arjun, for reporting!
Note: See
TracTickets for help on using
tickets.