View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004403 | Composr | core | public | 2020-10-04 01:11 | 2020-10-04 01:11 |
| Reporter | Chris Graham | Assigned To | |||
| Severity | Feature-request | ||||
| Status | non-assigned | Resolution | open | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0004403: Automatic re-saving of insecure passwords | ||||
| Description | If you log in with a password that is not in the standard Composr format, immediately re-save it in the correct format. Have a config option to enable this behaviour, but default it to on. Scenarios include: 1) Old sites being updated, so that new security is automatically applied 2) People manually editing the DB to put in a new password in plain text Do this for Composr accounts, but also for the master password. For the case of the master password, we need to be a little careful. We can't just rebuild the config file in a naive way because it may contain code - we'd need to do a reg-exp search and replace. | ||||
| Tags | Type: Security | ||||
| Time estimation (hours) | 2 | ||||
| Sponsorship open | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2020-10-04 01:11 | Chris Graham | New Issue | |
| 2020-10-04 01:11 | Chris Graham | Tag Attached: Type: Security |
