Password storage
Password storage
Hey Kent. I was wondering about changing the way passwords are stored, basically encrypting them on disk so that they're not easily readable. Not really a high priority, but it's something we've been thinking about.
-
- Site Admin
- Posts: 5880
- Joined: Wed Mar 19, 2008 8:47 pm
Re: Password storage
I'll probably switch to a hash-only storage system on the next major version so that passwords aren't stored on the server at all. I'll have to replace the password recovery system with some kind of password reset system, however. In the mean time, it's crucial that only trusted people have physical access to your server and the Remote Admin and API passwords.selene wrote:Hey Kent. I was wondering about changing the way passwords are stored, basically encrypting them on disk so that they're not easily readable. Not really a high priority, but it's something we've been thinking about.
Re: Password storage
Yep, just something I wanted to bring up. Thanks again Kent.