The following issue has been SUBMITTED. ====================================================================== http://www.dbmail.org/mantis/view.php?id=466 ====================================================================== Reported By: haydude Assigned To: ====================================================================== Project: DBMail Issue ID: 466 Category: Authentication layer Reproducibility: always Severity: major Priority: normal Status: new target: ====================================================================== Date Submitted: 03-Dec-06 19:52 CET Last Modified: 03-Dec-06 19:52 CET ====================================================================== Summary: Passwords are stored in clear [serious security flaw] Description: First of all, many thanks to the authors for this great package. This is just what was necessary to build a resielient mail system. The fact that I am reporting this issue is an indication that I intend to adopt it and support its development.
Here is the issue: The users' passwords are stored in clear in the database. These should be stored using one way encryption, because storing them in clear represents a serious security flaw. ====================================================================== Issue History Date Modified Username Field Change ====================================================================== 03-Dec-06 19:52 haydude New Issue ======================================================================
