Daniel Meier created WICKET-6912:
------------------------------------
Summary: PasswordTextField should not use Strings
Key: WICKET-6912
URL: https://issues.apache.org/jira/browse/WICKET-6912
Project: Wicket
Issue Type: Improvement
Components: wicket-core
Reporter: Daniel Meier
According to the [Java Cryptography Architecture Reference
Guide|https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#PBEEx],
Passwords should not be stored in {{java.lang.String}} Objects. Wicket's
{{PasswordTextField}} however uses {{String}} Models, which can be a security
vulnerability.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
