At this moment all the passwords are stored as plain text in the database. Use any library/tool to encrypt these values.
DoD:
All the passwords should be difficult (or, even, impossible) to restore from the encrypted value stored in a DB. They shold be salted and encrypted using a strong algorythm.
w32blaster
commented
9 years ago
At this moment all the passwords are stored as plain text in the database. Use any library/tool to encrypt these values.
DoD:
All the passwords should be difficult (or, even, impossible) to restore from the encrypted value stored in a DB. They shold be salted and encrypted using a strong algorythm.