View Issue Details

IDProjectCategoryView StatusLast Update
0012822phpList 3 applicationConfigurationpublic21-02-13 23:56
Reporterbenjam Assigned To 
Status resolvedResolutionfixed 
Product Version2.10.5 
Fixed in Version2.11.0 
Summary0012822: Database stores passwords in plain text
DescriptionI noticed that the admin database stores passwords in plain text. This is a huge security risk. Not only does it open up the script to outside hackers if they ever get a hold of the database, but a malicious admin with access to the database can possibly use those passwords to gain access to other sites and products where the stored username and password combinations may also be valid.

At the very least, an MD5 hash should be used to obfuscate the passwords, and preferably, a salted password MD5 hash, or both to avoid collisions, should be used.
TagsNo tags attached.


child of 0010998 new Enhance security 



18-12-08 17:36

administrator   ~0050272

yes, true, would be good to encrypt them. Thing is, in that case, you can't send a password reminder, so you'd have to send a "password change token" instead.

That's quite a big change. Claudio, can you work on this?


30-12-08 12:31


Yes. I've been working on this, in the dev version.

1) I have added the possibility to encrypt passwords by setting a config flag. This way, when an admin is added or updated, his password is stored encrypted.

2) If the admin has problems or simply forget his password, instead of sending an email with the new password, an email is sent with a new link which points to a password update page. The link is based on a token, given to allow only that person to change that password.

3) If the link access is performed after 24 hours, the password update is denied and the request is erased. This way, the admin should perform a new password request.


08-01-09 17:35


Ok, changes were made.
New features are available for testing.