heiglandreas / authLdap

LDAP-Authentication for WordPress
http://andreas.heigl.org/cat/dev/wp/authldap/
MIT License

Save entered passwords in the WordPress user table #253

Closed gdessi1965 closed 4 months ago

gdessi1965 commented 4 months ago

Even if the checkbox for this feature is disabled, the password is still saved in the WordPress database.

heiglandreas commented 4 months ago

Are you sure that THE password is saved in WordPress or just A password?

'Cause in https://github.com/heiglandreas/authLdap/blob/d411f9e5f99e01bfd56f3c6ff59442b15e6a809c/authLdap.php#L465-L471 we are explicitly setting a blank password for the user-info that will later be passed into the WordPress function wp_[update|insert]_user. And it might indeed happen that the empty password will then be hashed. So you will find a password hash in the database. It will just not be the hash of the password that the user entered.

But I might actually set that to a random string to avoid that a user might be able to log in with an empty password. Though, empty passwords aren't allowed anyhow, so whatever the user will enter it will not match...
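The pattern described above, as an added PHP example that is not authLdap's own code: the userdata handed to wp_insert_user / wp_update_user carries a throwaway random string instead of the LDAP credential, so the hash that lands in wp_users never corresponds to anything the user typed. The example_ function names are assumptions; wp_generate_password, wp_insert_user, wp_update_user, get_user_by and is_wp_error are WordPress core.

```php
<?php
// Added example, not the plugin's code. Assumes it runs inside WordPress
// after the LDAP bind has already succeeded; the LDAP password is never
// passed into this file at all.

/**
 * Build the userdata array for an LDAP-authenticated user.
 * The LDAP password is deliberately absent from this array.
 */
function example_ldap_userdata(string $login, string $email, string $displayName, ?int $existingId = null): array
{
    $userdata = [
        'user_login'   => $login,
        'user_email'   => $email,
        'display_name' => $displayName,
        // Weak variant discussed in the thread: 'user_pass' => '' is still
        // hashed by WordPress, so a hash of the empty string is stored.
        // Hardened variant: a long random throwaway value that nobody knows,
        // so the local hash can never be used to bypass LDAP.
        'user_pass'    => wp_generate_password(64, true, true),
    ];
    if ($existingId !== null) {
        $userdata['ID'] = $existingId;
    }
    return $userdata;
}

/**
 * Create or refresh the WordPress user record after a successful LDAP login.
 * Returns the user ID, or a WP_Error from core.
 */
function example_sync_ldap_user(string $login, string $email, string $displayName)
{
    $existing = get_user_by('login', $login);
    $userdata = example_ldap_userdata(
        $login,
        $email,
        $displayName,
        $existing ? (int) $existing->ID : null
    );
    // Note: changing user_pass through wp_update_user also invalidates that
    // user's other sessions, so rotating the throwaway value on every login
    // has a visible side effect; omit user_pass on updates if that matters.
    $result = $existing ? wp_update_user($userdata) : wp_insert_user($userdata);
    if (is_wp_error($result)) {
        return $result;
    }
    return (int) $result;
}
```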

gdessi1965 commented 4 months ago

Ah ok, no I didn't check that it was a randomly generated password just to not leave the field empty, thanks