[Bug]: Admin passwords CLEAR TEXT in database >> should hash.

tastyigniter / TastyIgniter

:fire: Powerful, yet easy to use, open-source online ordering, table reservation and management system for restaurants

https://tastyigniter.com

MIT License

2.98k stars 966 forks source link

[Bug]: Admin passwords CLEAR TEXT in database >> should hash. #1074

Closed mindflowgo closed 3 months ago

mindflowgo commented 3 months ago

What happened?

The admin password should be md5/sha256 encrypted, so it's easy to see in the database (ti_settings.password)

What did you expect to happen?

I expected an encrypted hash to be stored in database.

Version

3.x

What browser are you seeing the problem on?

No response

Relevant log output

No response

sampoyigi commented 3 months ago

@mindflowgo admin passwords are not stored in the ti_settings table and we don't have a password column either, can you be more specific?

mindflowgo commented 3 months ago

Hmm I am sure I saw it in the database, perhaps I was testing an earlier version, as I do NOT see it in 3.7.5 / 3.7.6. And the passwords I do see in ti_users, they ARE encrypted. I consider this issue closed. Thanks Samuel.