Actions
Feature #6394
closedAdd Salt to Authentication
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
2010-09-14
Due date:
% Done:
0%
Estimated time:
Resolution:
Description
The passwords in the redmine database are hashed, but a salt is not added. If a database is compromised, one could run a rainbow attack and could potentially deduce a username's password.
Related issues
Actions