https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33352
Bug ID: 33352
Summary: Password sent by message (accdetails) without
decryption
Change sponsored?: ---
Product: Koha
Version: 21.11
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5 - low
Component: Tools
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Hello! I'm using version 21.11 of Koha. In our case, we have user
self-registration enabled, and when a user registers, they are automatically
sent a Welcome email through Koha messaging. The message includes their account
name and password, but the problem is that the password is sent without being
encrypted. This did not happen in the previous version. I understand that Koha
uses Blowfish encryption. Do you have any idea how to decrypt the password so
that it can be displayed?
For example, this is the programmed message (accdetails):
Hello, <<borrowers.firstname>> <<borrowers.surname>>.
Your account has been created in the UNPSJB Library System. Your account
details are as follows:
Username: <<borrowers.userid>>
Password: <<borrowers.password>>
The text sent is:
Hello, Ximena Vanina XXXX
Your account has been created in the UNPSJB Library System. Your account
details are as follows:
Username: ximenavanina.XXXX
Password: $2a$08$orfJ.jWu.RYvR/nhn.gs1e42FnSnliuLuXmsRG38hTP3irEC5BJUS
Any ideas?
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
