andrewCharron on Feb 5. 2008. 2:59 pm
Why does AC not employ encryption to passwords in the database? This seems like a rather large security risk to me. Passwords should not be stored in the database as plain text.
Ilija Studen on Feb 5. 2008. 3:54 pm
User passwords need to be stored in readable format due to API - you need to be able to read any important bit of data. If you for instance decide to move away from activeCollab and move data into another application you will not need to ask your users to reset their password.

We will most probably add in / out encryption to password field, but one of the requirements is to have them stored in such format that we can read them when needed. Using digest algorithms will not work here.
activeCollab team member | LinkedIn
andrewCharron on Feb 6. 2008. 7:31 am
This doesn't seem acceptable to me. Passwords should NEVER be in plain text. Regardless of whether it allows for portability, the security risk is not worth it. I have not come across any software that stores it in this way.
Davor on Feb 6. 2008. 8:22 am
seems that the downside of letting users make a new password in the 1/1000 chance you were to migrate all your ac data to another app, doesn't outweigh this security risk...
www.synergetics.be | www.davor.be
Oliver Maksimović on Feb 6. 2008. 1:18 pm
Well, on the other hand: if someone gets your database, then it does not matter if your passwords are encrypted or not - the attacker already has everything.

P.S. Don't get me wrong because I'm not defending or accusing anyone here, it's just that I want to bring out another point of view :)
activeCollab team member, too ;)
andrewCharron on Feb 6. 2008. 1:55 pm
Yes, they have the access to change THIS database, but what of the users who use the same password for multiple site/uses? The hacker now has their email and potential password, and may be able to get into their private email, and through that anything they receive notifications for (Banking, Paypal, etc) and use the same password. Also, what about an employee who has access to the database for admin purposes? Say this admin gets fired. He knows everyone's password had he ever looked into the database, and can use that against the company.

No one should ever be able to see someone else's password for any reason. There is no justifying it. This security risk is large, and I can see my employer having a large problem with this. I will have to inform them, and could lead to a refund since we're within the 30 day trial. I need some assurance that this can be fixed, through confirmation that it is in 1.1, a bug fix, hot fix, or hack.
RSDi on Feb 6. 2008. 2:21 pm
I agree fully with andrewCharron. My company just started our trial of activeCollab. We cannot allow a security risk such as this to exist in the app if we continue to use it. Ilija: what, if anything, do the AC devs plan on doing about this?
Ilija Studen on Feb 6. 2008. 7:36 pm
RSDi:
Ilija: what, if anything, do the AC devs plan on doing about this?


We'll see what we can do about this but there is no solid plan at this point.
activeCollab team member | LinkedIn
Davor on Feb 7. 2008. 3:51 am
andrewCharron:
No one should ever be able to see someone else's password for any reason. There is no justifying it. This security risk is large, and I can see my employer having a large problem with this. I will have to inform them, and could lead to a refund since we're within the 30 day trial. I need some assurance that this can be fixed, through confirmation that it is in 1.1, a bug fix, hot fix, or hack.


I second that. We are using aC for managing a security research project. We already know now that they will try to hack us, as a sport. This is the way it goes with these kinds of projects. This should really be fixed asap, in 1.1.
www.synergetics.be | www.davor.be
sflowers on Feb 7. 2008. 12:16 pm
Pretty easy fix actually, an MD5 hash should be sufficient to lock out any prying eyes. It complicates things when moving data between systems, but it's not insurmountable.
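
An added example (not part of the thread and not activeCollab's code): one way to move a plaintext password column to one-way storage, using salted PBKDF2-HMAC-SHA256 from Python's standard library rather than the bare MD5 mentioned above. The record format, function names, iteration count and sample rows are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

SCHEME = "pbkdf2_sha256"   # assumed label for the record format below
ITERATIONS = 600_000       # assumed work factor; tune to your hardware


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return 'scheme$iterations$salt_hex$digest_hex' with a per-user random salt."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([SCHEME, str(iterations), salt.hex(), digest.hex()])


def is_hashed(stored):
    """True if the column already holds a record in the format above."""
    parts = stored.split("$")
    return len(parts) == 4 and parts[0] == SCHEME and parts[1].isdigit()


def verify_password(password, stored):
    """Recompute the digest with the stored salt and compare in constant time."""
    if not is_hashed(stored):
        return False  # never fall back to comparing plaintext
    _, iterations, salt_hex, digest_hex = stored.split("$")
    try:
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, int(iterations))
    except ValueError:
        return False  # malformed record
    return hmac.compare_digest(candidate, expected)


def migrate_users(users, iterations=ITERATIONS):
    """One-time pass: replace plaintext values in place, skip rows already hashed."""
    converted = 0
    for user in users:
        if not is_hashed(user["password"]):
            user["password"] = hash_password(user["password"], iterations=iterations)
            converted += 1
    return converted


# Constructed sample rows standing in for a users table with a plaintext column.
SAMPLE_USERS = [
    {"email": "alice@example.com", "password": "correct horse"},
    {"email": "bob@example.com", "password": "correct horse"},
]
```

Because the salt and iteration count travel inside each record, another application that implements PBKDF2 can verify the same values after a data move without asking users to reset their passwords.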