Actions
Feature #6394
closed
Add Salt to Authentication
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
2010-09-14
Due date:
% Done:
0%
Estimated time:
Resolution:
Description
The passwords in the redmine database are hashed, but a salt is not added. If a database is compromised, one could run a rainbow attack and could potentially deduce a username's password.
Related issues
Updated by Jean-Philippe Lang about 13 years ago
- Status changed from New to Closed
Feature committed in r4936.
Actions