Wish list - Encrypted passwords for Admins by default

Things you'd like to see in phpList

Wish list - Encrypted passwords for Admins by default

Postby benmoreassynt » 8:50pm, Thu 11 Aug, 2011

As far as I can see, although you can request that regular passwords are encrypted in the /config/config.php file, this does not affect admin passwords. Moreover, one admin can see another admin's password in plain text in the back end. Assuming that 99.9% of even developers use the same password for multiple sites, this is far from ideal, especially if a site is hacked.

I'd like to see passwords encrypted and salted, and a password reset/recovery system put in place for the admins.
benmoreassynt
phpList newbie
 
Posts: 2
Joined: 8:38pm, Thu 11 Aug, 2011

Re: Wish list - Encrypted passwords for Admins by default

Postby michiel » 7:40pm, Mon 15 Aug, 2011

That's available in the development version. 2.11.6 is cautiously stable, but as usual development versions may have some issues on certain systems.
michiel
Admin
 
Posts: 1022
Joined: 10:18pm, Fri 11 Apr, 2003
Location: Buenos Aires, Argentina


Return to Feature Requests, Wish-list

Who is online

Users browsing this forum: No registered users and 1 guest