openerp-india team mailing list archive

[Nicolas Bessi - Camptocamp <1280152@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

Auth_crypt module use by default md5 hash instead of the proposed
sha256.

Sadly this implementation is broken.

Also passwords are only encrypted when user log in for the first time.  
So deactivated usesr will never have their password encrypted.

Regards

Nicolas

** Affects: openobject-addons
     Importance: Undecided
         Status: New

** Branch linked: lp:~camptocamp/ocb-addons/improve_auth_crypt-nbi

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Addons.
https://bugs.launchpad.net/bugs/1280152

Title:
  [7.0][trunk]Auth crypt sha256 is broken and deactivated users will
  never have password encrypted

Status in OpenERP Addons (modules):
  New

Bug description:
  Auth_crypt module use by default md5 hash instead of the proposed
  sha256.

  Sadly this implementation is broken.

  Also passwords are only encrypted when user log in for the first time.  
  So deactivated usesr will never have their password encrypted.

  Regards

  Nicolas

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-addons/+bug/1280152/+subscriptions