[Vtigercrm-commits] [vtiger development] #4102: Passwords stored in clear text
vtiger development
vtiger-tickets at trac.vtiger.com
Wed Aug 1 03:50:48 EDT 2007
#4102: Passwords stored in clear text
------------------------+---------------------------------------------------
Reporter: libregeek | Owner: developer
Type: defect | Status: new
Priority: unassigned | Milestone: 5.0.4
Component: vtigercrm | Version: 5.0.3
Keywords: |
------------------------+---------------------------------------------------
The webmail password which is used to access the IMAP folders are stored
in clear text in vtiger_mail_accounts table. This is a serious security
issue, since the administrators can view others password. The ideal
situation may be not to store the email password in the table. There are
two options:
1. Try to login to the IMAP server with the account details of user
vtiger(provided the IMAP and vtiger useraccount are the same)
2. Prompt for the email password when the webmail is accessed.
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4102>
vtiger development <http://trac.vtiger.com/>
vtigerCRM
More information about the vtigercrm-commits
mailing list