Closed scloo closed 7 years ago
Hashing passwords is a high priority. We should not be handling passwords in plaintext.
All the users password in the database has been hashed and stored in field 'hash'. And I have enabled password hash verification in the Analytics login.
Done.
Password verification has been disabled during testing mode. This needs to be uncommented in the User model.
Also all users do not have hash password set yet. So these need to be hashed before the password verification be turned on.