Adapter logs incorret username and password (!) in cleartext.
Client [shellymotion2-nnnnnnnn] has invalid password(-password-) or username(-username-)
Ìn my oppinion security relevant data should NEVER be logged with cleartext. At least passwords should be masked (or omitted in this case). Even in case of incorrect data this information is sensitive as incorrect paswords often are incorrect by simply missing or mixed up characters only.
mcm1957
commented
1 year ago
Adapter logs incorret username and password (!) in cleartext.
Client [shellymotion2-nnnnnnnn] has invalid password(-password-) or username(-username-)Ìn my oppinion security relevant data should NEVER be logged with cleartext. At least passwords should be masked (or omitted in this case). Even in case of incorrect data this information is sensitive as incorrect paswords often are incorrect by simply missing or mixed up characters only.
Adapter Release 2.5.1