Hi,someone recently posted, that OC4 uses the user's password as a key for file encryption.
I just tested it, and it's true. This means: as soon as someone changes his password, he cannot access his files anymore!!!!!! This is a real bad joke, IMO!!!!!
I don't know if this also applies to local users. I logged in with an ldap account, uploaded a test file, logged out, changed my ldap password, logged in again - and the file was unreadable!!!! I switched back to the old password and could read the file again.
This really can't be true. If you are forced to change your password by some password policy, and you are not allowed to use the old password again, you will loose all your files.
Dirk
smime.p7s
Description: S/MIME Kryptografische Unterschrift
_______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
