Topic: password... (Read 6363 times)

tanfwc · « **on:** March 27, 2004, 06:50:53 am »

why is the password in the database not in md5 hashes? it is in PLAIN TEXT...

Joachim Müller · « **Reply #1 on:** March 27, 2004, 08:05:11 am »

there has been a discussion about this a while ago, please search the board for "md5 AND password".
There's a mod available: http://forum.coppermine-gallery.net/index.php?topic=2179

GauGau

tanfwc · « **Reply #2 on:** March 27, 2004, 08:14:53 am »

ok. Thanx. Why dun u put that function into this gallery?

Joachim Müller · « **Reply #3 on:** March 27, 2004, 08:16:34 am »

I hope you read the posting I was refering to: there's always ease of use against security: some people prefer having the passwords stored in plain text, because they run a gallery with newbie-users who forget their passwords every now and then: it's easier to look up their passwords if they're plain-text.
If someone hacks your site and is able to see your database (e.g. gains access to phpMyAdmin) and its contents, you probably have to worry about other things anyway...
The main reason why this hasn't been done yet I guess is: it simply has been forgotten. There are so many features that are being considered when developing a new version: sometimes you simply forget about stuff you were thinking about before.

GauGau

tanfwc · « **Reply #4 on:** March 27, 2004, 08:22:14 am »

does this md5 feature install in the future versions?

Joachim Müller · « **Reply #5 on:** March 27, 2004, 08:48:55 am »

maybe, but it's not in cpg1.3.0, which is in the release pipeline.

GauGau

tanfwc · « **Reply #6 on:** March 27, 2004, 03:14:24 pm »

News:

Author Topic: password... (Read 6363 times)

tanfwc

password...

Joachim Müller

password...

tanfwc

password...

Joachim Müller

password...

tanfwc

password...

Joachim Müller

password...

tanfwc

password...