Password storage

Add your suggestions for improving Poker Mavens
Post Reply
selene
Posts: 44
Joined: Tue Jun 17, 2008 1:29 pm

Password storage

Post by selene »

Hey Kent. I was wondering about changing the way passwords are stored, basically encrypting them on disk so that they're not easily readable. Not really a high priority, but it's something we've been thinking about.
Kent Briggs
Site Admin
Posts: 5878
Joined: Wed Mar 19, 2008 8:47 pm

Re: Password storage

Post by Kent Briggs »

selene wrote:Hey Kent. I was wondering about changing the way passwords are stored, basically encrypting them on disk so that they're not easily readable. Not really a high priority, but it's something we've been thinking about.
I'll probably switch to a hash-only storage system on the next major version so that passwords aren't stored on the server at all. I'll have to replace the password recovery system with some kind of password reset system, however. In the mean time, it's crucial that only trusted people have physical access to your server and the Remote Admin and API passwords.
selene
Posts: 44
Joined: Tue Jun 17, 2008 1:29 pm

Re: Password storage

Post by selene »

Yep, just something I wanted to bring up. Thanks again Kent.
Post Reply