http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8753
--- Comment #28 from Chris Cormack <[email protected]> --- Comment on attachment 24781 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=24781 Bug 8753 - Add forgot password link to OPAC Review of attachment 24781: --> (http://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=8753&attachment=24781) ----------------------------------------------------------------- ::: opac/opac-password-recovery.pl @@ +135,5 @@ > + if ( ($borrower_number) > + && ( $password eq $repeatPassword ) > + && ( length($password) >= $minPassLength ) ) > + { #apply changes > + changepassword( $username, $borrower_number, md5_base64($password) ); We no longer md5 hash the password in Koha, you should do use Koha::AuthUtils; hash_password($password) instead. (It's using bcrypt with a salt). Old passwords still work, we check both, but anytime people change their password it should be hashed with the much more secure bcrypt -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
