View Issue Details

IDProjectCategoryView StatusLast Update
0018786phpList 3 applicationAuthentication Systempublic24-07-17 20:03
Reporterduncanc Assigned To 
Status resolvedResolutionfixed 
Product Version3.3.1 
Target Version3.3.2Fixed in Version3.3.2 
Summary0018786: ENCRYPT_ADMIN_PASSWORDS is still used
DescriptionWhile looking at
I was surprised to see that the define ENCRYPT_ADMIN_PASSWORDS is still used.

I thought that admin passwords now are always encrypted (hashed).

A quick grep of the code shows that ENCRYPT_ADMIN_PASSWORDS is used in only 7 places so it looks to be a simple job to remove it entirely.
TagsNo tags attached.



24-07-17 15:33

administrator   ~0059246

I think it was "ENCRYPTPASSWORD" that was removed and replaced. But yes, we should stop allowing using this option. In fact, the documentation already says we do.

I'll check and remove all the instances where it's still used.