Top Menu

Jump to content
    Modules
      • Projects
      • Activity
      • Work packages
      • Gantt charts
      • Calendars
      • Team planners
      • Boards
      • News
    Home
    • Getting started
    • Introduction video
      Welcome to OpenProject Community
      Get a quick overview of project management and team collaboration with OpenProject. You can restart this video from the help menu.

    • Help and support
    • Upgrade to Enterprise edition
    • User guides
    • Videos
    • Shortcuts
    • Community forum
    • Enterprise support

    • Additional resources
    • Data privacy and security policy
    • Digital accessibility (DE)
    • OpenProject website
    • Security alerts / Newsletter
    • OpenProject blog
    • Release notes
    • Report a bug
    • Development roadmap
    • Add and edit translations
    • API documentation
  • Sign in
      Forgot your password?

      or sign in with your existing account

      OpenProject ID Google

Side Menu

Collapse project menu

  • Overview
  • Activity
    Activity
  • Roadmap
  • Work packages
    Work packages
  • Gantt charts
    Gantt charts
  • Calendars
    Calendars
  • Team planners
    Team planners
  • Boards
    Boards
  • News
  • Forums

Content

Expand project menu
General discussion
  1. OpenProject Community
  2. OpenProject
  3. Forums
  4. General discussion
  5. Repository passwords stored in cleartext

Repository passwords stored in cleartext

Added by Oscar Löfwenhamn almost 6 years ago

In the database, passwords in the 'repositories' table are stored in cleartext. This feels like a bad idea to me, and I was happy to notice that user passwords are stored differently. Shouldn't repository passwords also be hashed in a similar fashion? Is there other potentially sensitive information that is stored in cleartext?


Loading...