[jira] Commented: (COUCHDB-614) password hash shouldn't be displayed in _config display

Stephan Wehner (JIRA) Wed, 06 Jan 2010 08:28:17 -0800

    [ 
https://issues.apache.org/jira/browse/COUCHDB-614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797165#action_12797165
 ]


Stephan Wehner commented on COUCHDB-614:
----------------------------------------

Could the page with the password hash be accessed by an admin through http (not 
encrypted)?

(Do I understand this right that no salt is involved in password hashing?)

Stephan

> password hash shouldn't be displayed in _config display
> -------------------------------------------------------
>
>                 Key: COUCHDB-614
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-614
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: HTTP Interface
>    Affects Versions: 0.10.1, 0.10.2, 0.11
>            Reporter: Benoit Chesneau
>
> password hash shouldn't be displayed in _config display.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-614) password hash shouldn't be displayed in _config display

Reply via email to