On 16 Aug 2011, at 10:33, Benoit Chesneau wrote:

> Imo we shouldn't at all provide plaintext passwords. Maybe a safer
> option would be to let the admin create the first one via http or put
> the hash in a password.ini file manually. If we are kind enough we
> could also provide a couchctl script allowing user management, config
> changes ... ?
This sounds like a decent proposal. Much like you have to use htpasswd to generate passwords for Apache httpd, we could bundle a script that lets you generate passwords for the CouchDB ini files, and then forbid the use of plaintext. This solves both the technical problem (I think?) and helps us reinforce better security practices across the board.
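One shape such a bundled htpasswd-style tool could take, as an added example written for this page and not code from the CouchDB project or from either poster: it produces a salted hash for an `[admins]` ini entry, verifies a password against it, and flags any entry still stored in plaintext. The `-pbkdf2-` encoding, the iteration count and the ini layout are assumptions made for the example, not CouchDB's actual on-disk format.

```python
import configparser
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional

# Assumed encoding for this example (not CouchDB's real format):
#   -pbkdf2-<hex derived key>,<hex salt>,<iterations>
PREFIX = "-pbkdf2-"
ITERATIONS = 100_000


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a salted PBKDF2-HMAC-SHA256 value for an [admins] ini entry."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{PREFIX}{dk.hex()},{salt.hex()},{iterations}"


def verify_password(password: str, stored: str) -> bool:
    """Check a password against a stored value; plaintext is never accepted."""
    if not stored.startswith(PREFIX):
        return False
    try:
        dk_hex, salt_hex, iters = stored[len(PREFIX):].split(",")
        salt = bytes.fromhex(salt_hex)
        iterations = int(iters)
    except ValueError:
        return False  # malformed entry
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate.hex(), dk_hex)  # constant-time compare


def plaintext_admins(ini_text: str) -> List[str]:
    """Names in [admins] whose value is not hashed (the check that forbids plaintext)."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(ini_text)
    if not cp.has_section("admins"):
        return []
    return [name for name, value in cp.items("admins") if not value.startswith(PREFIX)]


def render_admins(entries: Dict[str, str]) -> str:
    """Render an [admins] section containing only hashed values."""
    lines = ["[admins]"] + [f"{name} = {hash_password(pw)}" for name, pw in entries.items()]
    return "\n".join(lines) + "\n"
```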
